From 48db85301e44f34c7943344ad7016eb80bee1924 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Sun, 2 Mar 2025 11:14:07 +0000 Subject: [PATCH] update CMSgov data: Sun Mar 2 11:14:07 UTC 2025 --- .../CMSgov/AB2D-Libs/AB2D-Libs_data.json | 854 +-- ...CS-DSG-DSS-Certification-Staging_data.json | 862 +-- .../CMCS-DSG-DSS-Certification_data.json | 854 +-- .../CMCS-DSG-DSS-Oversight_data.json | 560 +- .../CMMI-Health-Equity_data.json | 510 +- ...S-GoogleMaps-Socrata-Integration_data.json | 604 +- .../Chargemasters/Chargemasters_data.json | 540 +- app/site/_data/CMSgov/ECTA/ECTA_data.json | 594 +- .../GHubSecrtsFlow/GHubSecrtsFlow_data.json | 514 +- .../HealthCare.gov-Styleguide_data.json | 714 +-- ...ion-Technology-Architecture-MITA_data.json | 624 +- .../QHP-provider-formulary-APIs_data.json | 628 +- .../SMA-Endpoint-Directory_data.json | 544 +- ...Quality-Measures-Generation-Code_data.json | 1480 ++--- .../ab2d-bcda-dpc-platform_data.json | 1218 ++-- .../ab2d-contracts/ab2d-contracts_data.json | 854 +-- .../CMSgov/ab2d-events/ab2d-events_data.json | 848 +-- .../CMSgov/ab2d-gradle/ab2d-gradle_data.json | 624 +- .../ab2d-lambdas/ab2d-lambdas_data.json | 924 +-- .../ab2d-pdp-documentation_data.json | 610 +- .../ab2d-properties/ab2d-properties_data.json | 896 +-- .../ab2d-sample-client-bash_data.json | 674 +- .../ab2d-sample-client-powershell_data.json | 686 +-- .../ab2d-sample-client-python_data.json | 674 +- app/site/_data/CMSgov/ab2d/ab2d_data.json | 966 +-- .../CMSgov/ai_website/ai_website_data.json | 662 +- .../ansible-role-appian_data.json | 606 +- .../ars-machine-readable_data.json | 1444 ++--- .../aws-s3-baseline/aws-s3-baseline_data.json | 642 +- .../batcave-website/batcave-website_data.json | 510 +- .../_data/CMSgov/bcda-app/bcda-app_data.json | 982 +-- .../bcda-ssas-app/bcda-ssas-app_data.json | 952 +-- .../bcda-static-site_data.json | 1112 ++-- .../beneficiary-fhir-data_data.json | 2148 +++---- ...beneficiary-reporting-validation_data.json | 752 +-- .../bluebutton-css/bluebutton-css_data.json | 862 +-- ...utton-sample-client-nodejs-react_data.json | 1692 ++--- .../bluebutton-web-deployment_data.json | 956 +-- .../bluebutton-web-server_data.json | 2594 ++++---- .../CMSgov/certwatcher/certwatcher_data.json | 616 +- .../claims-api-ecosystem-website_data.json | 700 +-- .../cms-bb2-java-sdk_data.json | 636 +- .../cms-bb2-node-sdk_data.json | 1176 ++-- .../cms-bb2-python-sdk_data.json | 764 +-- .../cms-oeda-dasg/cms-oeda-dasg_data.json | 552 +- .../cmscloud-infra-azops_data.json | 672 +- .../cmscloud-infra-mag-jmeter-aci_data.json | 692 +-- .../coverage-inspector_data.json | 510 +- .../design-system/design-system_data.json | 1064 ++-- .../distributed-load-testing-on-aws_data.json | 558 +- .../CMSgov/downshift/downshift_data.json | 960 +-- .../_data/CMSgov/dpc-app/dpc-app_data.json | 1424 ++--- .../dpc-static-site/dpc-static-site_data.json | 1116 ++-- .../_data/CMSgov/dpc_aop/dpc_aop_data.json | 1582 ++--- .../drive2gource/drive2gource_data.json | 576 +- .../_data/CMSgov/easi-app/easi-app_data.json | 4224 ++++++------- .../CMSgov/easi-shared/easi-shared_data.json | 882 +-- app/site/_data/CMSgov/ec2ssm/ec2ssm_data.json | 574 +- .../CMSgov/fr-notices/fr-notices_data.json | 582 +- .../hospital-price-transparency_data.json | 602 +- .../_data/CMSgov/hpt-tool/hpt-tool_data.json | 1054 ++-- .../hpt-validator-cli_data.json | 820 +-- .../hpt-validator-tool_data.json | 800 +-- .../hpt-validator/hpt-validator_data.json | 964 +-- .../httpie-edgegrid/httpie-edgegrid_data.json | 650 +- .../inspec-k8s-node/inspec-k8s-node_data.json | 574 +- .../k8s-cluster-stig-baseline_data.json | 606 +- .../k8s-node-stig-baseline_data.json | 576 +- .../lambda-clamav-layer_data.json | 614 +- .../_data/CMSgov/mint-app/mint-app_data.json | 5456 ++++++++--------- .../newrelic_mysql_java_plugin_data.json | 700 +-- .../nimbus-pub-code-scanning-1_data.json | 696 +-- .../nimbus-pub-github-action-poc_data.json | 694 +-- .../oopc-calculations_data.json | 544 +- ...oracle-database-19c-cis-baseline_data.json | 604 +- .../portal-test-user-manager_data.json | 704 +-- ...ice-transparency-guide-validator_data.json | 1096 ++-- .../price-transparency-guide_data.json | 726 +-- .../qpp-conversion-tool_data.json | 1044 ++-- .../CMSgov/qpp-eu-data/qpp-eu-data_data.json | 1196 ++-- .../qpp-file-upload-api-client_data.json | 916 +-- .../qpp-measures-data_data.json | 1002 +-- .../qpp-shared-api-versioning-node_data.json | 774 +-- .../qpp-shared-healthcheck-node_data.json | 672 +- .../qpp-shared-logger-node_data.json | 1242 ++-- .../rato-website/rato-website_data.json | 714 +-- ...enterprise-linux-8-stig-baseline_data.json | 738 +-- .../_data/CMSgov/snyk_web/snyk_web_data.json | 674 +- .../vsam-migration-scenarios_data.json | 544 +- .../web-design-standards_data.json | 1058 ++-- 90 files changed, 41857 insertions(+), 41827 deletions(-) diff --git a/app/site/_data/CMSgov/AB2D-Libs/AB2D-Libs_data.json b/app/site/_data/CMSgov/AB2D-Libs/AB2D-Libs_data.json index 9d4c06a967..f6b16a56cc 100644 --- a/app/site/_data/CMSgov/AB2D-Libs/AB2D-Libs_data.json +++ b/app/site/_data/CMSgov/AB2D-Libs/AB2D-Libs_data.json @@ -1,417 +1,447 @@ { - "url": "https://github.com/CMSgov/AB2D-Libs", - "owner": "CMSgov", - "name": "AB2D-Libs", - "description": null, - "commits_count": 176, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 437, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 152, - "closed_pull_requests_count": 285, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 31891, - "average_project_lines": 162, - "total_project_comment_lines": 1605, - "average_project_comment_lines": 8, - "total_project_blank_lines": 1895, - "average_blank_lines": 10, - "commits_by_month": { - "2025/2": 8, - "2025/1": 9, - "2024/12": 2, - "2024/11": 1, - "2024/10": 1, - "2024/9": 3, - "2024/8": 4, - "2024/7": 2 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-03T06:00:00.000Z", - 1 - ], - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-25T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/AB2D-Libs", + "owner": "CMSgov", + "name": "AB2D-Libs", + "description": null, + "commits_count": 176, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 437, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 152, + "closed_pull_requests_count": 285, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 31891, + "average_project_lines": 162, + "total_project_comment_lines": 1605, + "average_project_comment_lines": 8, + "total_project_blank_lines": 1895, + "average_blank_lines": 10, + "commits_by_month": { + "2025/2": 8, + "2025/1": 9, + "2024/12": 2, + "2024/11": 1, + "2024/10": 1, + "2024/9": 3, + "2024/8": 4, + "2024/7": 2 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-03T06:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2025-01-13T06:00:00.000Z", - 1 - ], - [ - "2025-02-07T06:00:00.000Z", - 1 - ] + [ + "2025-02-07T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-08-11T18:29:28Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:20Z", - "repo": { - "name": "github.com/CMSgov/AB2D-Libs", - "commit": "f059f3c89bc1cc34f234bee0c59071b65fd31687" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 4, - "reason": "14 out of 30 merged PRs checked by a CI test -- score normalized to 4", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 5 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "18 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 415285, - "CodeBytes": 0, - "Lines": 10784, - "Code": 7865, - "Comment": 1359, - "Blank": 1560, - "Complexity": 455, - "Count": 120, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1425560, - "CodeBytes": 0, - "Lines": 19075, - "Code": 19075, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 36, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 19848, - "CodeBytes": 0, - "Lines": 497, - "Code": 409, - "Comment": 21, - "Blank": 67, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 14733, - "CodeBytes": 0, - "Lines": 388, - "Code": 283, - "Comment": 0, - "Blank": 105, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 1906, - "CodeBytes": 0, - "Lines": 54, - "Code": 43, - "Comment": 4, - "Blank": 7, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 6197, - "CodeBytes": 0, - "Lines": 212, - "Code": 179, - "Comment": 5, - "Blank": 28, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 5986, - "CodeBytes": 0, - "Lines": 155, - "Code": 67, - "Comment": 67, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 815980.6355201136, - "estimatedScheduleMonths_low": 13.184545570565955, - "estimatedPeople_low": 6.029262532629327, - "estimatedCost_high": 2542952.0436866013, - "estimatedScheduleMonths_high": 13.184545570565955, - "estimatedPeople_high": 6.029262532629327, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 120 10784 1560 1359 7865 455\n(ULOC) 5350\n-------------------------------------------------------------------------------\nJSON 36 19075 0 0 19075 0\n(ULOC) 2316\n-------------------------------------------------------------------------------\nGradle 10 497 67 21 409 0\n(ULOC) 299\n-------------------------------------------------------------------------------\nMarkdown 10 388 105 0 283 0\n(ULOC) 219\n-------------------------------------------------------------------------------\nProperties File 5 54 7 4 43 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nYAML 5 212 28 5 179 0\n(ULOC) 131\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nXML 1 155 21 67 67 0\n(ULOC) 121\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 189 31295 1802 1456 28037 455\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 8574\nDRYness % 0.27\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $894,774\nEstimated Schedule Effort (organic) 13.18 months\nEstimated People Required (organic) 6.03\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1896945 bytes, 1.897 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2025-02-25T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 + ], + [ + "2024-09-18T05:00:00.000Z", + 1 + ], + [ + "2025-01-13T06:00:00.000Z", + 1 + ], + [ + "2025-02-07T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-08-11T18:29:28Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:20Z", + "repo": { + "name": "github.com/CMSgov/AB2D-Libs", + "commit": "f059f3c89bc1cc34f234bee0c59071b65fd31687" }, - "predominant_langs": { - "Java": 415285 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 6.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 4, + "reason": "14 out of 30 merged PRs checked by a CI test -- score normalized to 4", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 5 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "18 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 415285, + "CodeBytes": 0, + "Lines": 10784, + "Code": 7865, + "Comment": 1359, + "Blank": 1560, + "Complexity": 455, + "Count": 120, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1425560, + "CodeBytes": 0, + "Lines": 19075, + "Code": 19075, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 36, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 20002, + "CodeBytes": 0, + "Lines": 500, + "Code": 408, + "Comment": 25, + "Blank": 67, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 14733, + "CodeBytes": 0, + "Lines": 388, + "Code": 283, + "Comment": 0, + "Blank": 105, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 2307, + "CodeBytes": 0, + "Lines": 64, + "Code": 53, + "Comment": 4, + "Blank": 7, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 5346, + "CodeBytes": 0, + "Lines": 198, + "Code": 162, + "Comment": 5, + "Blank": 31, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 5526, + "CodeBytes": 0, + "Lines": 178, + "Code": 136, + "Comment": 0, + "Blank": 42, + "Complexity": 36, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 13844, + "CodeBytes": 0, + "Lines": 419, + "Code": 226, + "Comment": 145, + "Blank": 48, + "Complexity": 31, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 5986, + "CodeBytes": 0, + "Lines": 155, + "Code": 67, + "Comment": 67, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 826801.8845741417, + "estimatedScheduleMonths_low": 13.25071690874668, + "estimatedPeople_low": 6.0787123151529245, + "estimatedCost_high": 2576675.781970712, + "estimatedScheduleMonths_high": 13.25071690874668, + "estimatedPeople_high": 6.0787123151529245, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 120 10784 1560 1359 7865 455\n(ULOC) 5350\n-------------------------------------------------------------------------------\nJSON 36 19075 0 0 19075 0\n(ULOC) 2316\n-------------------------------------------------------------------------------\nGradle 10 500 67 25 408 0\n(ULOC) 302\n-------------------------------------------------------------------------------\nMarkdown 10 388 105 0 283 0\n(ULOC) 219\n-------------------------------------------------------------------------------\nProperties File 7 64 7 4 53 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nYAML 7 198 31 5 162 0\n(ULOC) 120\n-------------------------------------------------------------------------------\nBatch 2 178 42 0 136 36\n(ULOC) 56\n-------------------------------------------------------------------------------\nShell 2 419 48 145 226 31\n(ULOC) 259\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nXML 1 155 21 67 67 0\n(ULOC) 121\n───────────────────────────────────────────────────────────────────────────────\nTotal 197 31891 1895 1605 28391 522\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 8885\nDRYness % 0.28\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $906,640\nEstimated Schedule Effort (organic) 13.25 months\nEstimated People Required (organic) 6.08\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1916019 bytes, 1.916 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 415285 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification-Staging/CMCS-DSG-DSS-Certification-Staging_data.json b/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification-Staging/CMCS-DSG-DSS-Certification-Staging_data.json index 379a913d7f..d13d220eea 100644 --- a/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification-Staging/CMCS-DSG-DSS-Certification-Staging_data.json +++ b/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification-Staging/CMCS-DSG-DSS-Certification-Staging_data.json @@ -1,435 +1,435 @@ { - "url": "https://github.com/CMSgov/CMCS-DSG-DSS-Certification-Staging", - "owner": "CMSgov", - "name": "CMCS-DSG-DSS-Certification-Staging", - "description": "(This is the STAGING repo.) Welcome to the MES Certification Repository, a collaborative community for CMS, states, and vendors. For more information about the repository, and how to use it, take a look at the ReadMe section.", - "commits_count": 1037, - "issues_count": 64, - "open_issues_count": 9, - "closed_issues_count": 55, - "pull_requests_count": 152, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 125, - "closed_pull_requests_count": 25, - "forks_count": 6, - "stargazers_count": 10, - "watchers_count": 13, - "total_project_lines": 28555, - "average_project_lines": 65, - "total_project_comment_lines": 5191, - "average_project_comment_lines": 12, - "total_project_blank_lines": 4879, - "average_blank_lines": 11, - "commits_by_month": { - "2024/9": 10, - "2024/8": 20 + "url": "https://github.com/CMSgov/CMCS-DSG-DSS-Certification-Staging", + "owner": "CMSgov", + "name": "CMCS-DSG-DSS-Certification-Staging", + "description": "(This is the STAGING repo.) Welcome to the MES Certification Repository, a collaborative community for CMS, states, and vendors. For more information about the repository, and how to use it, take a look at the ReadMe section.", + "commits_count": 1037, + "issues_count": 64, + "open_issues_count": 9, + "closed_issues_count": 55, + "pull_requests_count": 152, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 125, + "closed_pull_requests_count": 25, + "forks_count": 6, + "stargazers_count": 10, + "watchers_count": 13, + "total_project_lines": 28555, + "average_project_lines": 65, + "total_project_comment_lines": 5191, + "average_project_comment_lines": 12, + "total_project_blank_lines": 4879, + "average_blank_lines": 11, + "commits_by_month": { + "2024/9": 10, + "2024/8": 20 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-01-13T20:04:01Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:18Z", + "repo": { + "name": "github.com/CMSgov/CMCS-DSG-DSS-Certification-Staging", + "commit": "b02952492044c7a65b5e3ee5ad20f692bca4a355" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-01-13T20:04:01Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:18Z", - "repo": { - "name": "github.com/CMSgov/CMCS-DSG-DSS-Certification-Staging", - "commit": "b02952492044c7a65b5e3ee5ad20f692bca4a355" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 5, - "reason": "2 out of 4 merged PRs checked by a CI test -- score normalized to 5", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 9 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 759125, - "CodeBytes": 0, - "Lines": 17545, - "Code": 10927, - "Comment": 3307, - "Blank": 3311, - "Complexity": 3481, - "Count": 165, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 112278, - "CodeBytes": 0, - "Lines": 4923, - "Code": 3798, - "Comment": 370, - "Blank": 755, - "Complexity": 0, - "Count": 75, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 120338, - "CodeBytes": 0, - "Lines": 933, - "Code": 864, - "Comment": 0, - "Blank": 69, - "Complexity": 0, - "Count": 58, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 87178, - "CodeBytes": 0, - "Lines": 2719, - "Code": 1133, - "Comment": 1475, - "Blank": 111, - "Complexity": 194, - "Count": 54, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 173624, - "CodeBytes": 0, - "Lines": 1936, - "Code": 1328, - "Comment": 0, - "Blank": 608, - "Complexity": 0, - "Count": 37, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 15548, - "CodeBytes": 0, - "Lines": 31, - "Code": 31, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 31, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 7713, - "CodeBytes": 0, - "Lines": 233, - "Code": 220, - "Comment": 4, - "Blank": 9, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 4701, - "CodeBytes": 0, - "Lines": 146, - "Code": 121, - "Comment": 17, - "Blank": 8, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 258514, - "CodeBytes": 0, - "Lines": 4, - "Code": 4, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1570, - "CodeBytes": 0, - "Lines": 40, - "Code": 40, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 1130, - "CodeBytes": 0, - "Lines": 31, - "Code": 10, - "Comment": 17, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 453, - "CodeBytes": 0, - "Lines": 14, - "Code": 9, - "Comment": 1, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 526892.6754798384, - "estimatedScheduleMonths_low": 11.165578854823234, - "estimatedPeople_low": 4.5971685433886025, - "estimatedCost_high": 1642027.6996658326, - "estimatedScheduleMonths_high": 11.165578854823234, - "estimatedPeople_high": 4.5971685433886025, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 165 17545 3311 3307 10927 3481\n(ULOC) 4537\n-------------------------------------------------------------------------------\nSass 75 4923 755 370 3798 0\n(ULOC) 2429\n-------------------------------------------------------------------------------\nCSV 58 933 69 0 864 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nTypeScript Typings 54 2719 111 1475 1133 194\n(ULOC) 1192\n-------------------------------------------------------------------------------\nMarkdown 37 1936 608 0 1328 0\n(ULOC) 900\n-------------------------------------------------------------------------------\nSVG 31 31 0 0 31 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nHTML 7 233 9 4 220 0\n(ULOC) 203\n-------------------------------------------------------------------------------\nYAML 5 146 8 17 121 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nCSS 4 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nJSON 3 40 0 0 40 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nGemfile 1 31 4 17 10 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nMakefile 1 14 4 1 9 0\n(ULOC) 12\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 441 28555 4879 5191 18485 3675\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 9604\nDRYness % 0.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $577,771\nEstimated Schedule Effort (organic) 11.17 months\nEstimated People Required (organic) 4.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1542172 bytes, 1.542 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 759125, - "SCSS": 112278, - "HTML": 7713, - "Ruby": 1130, - "Makefile": 453 - }, - "average_issue_resolution_time": [ - [ - "cmcs-dsg-dss-certification-staging", - "44 days 19:42:21" - ] + "score": 5.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 5, + "reason": "2 out of 4 merged PRs checked by a CI test -- score normalized to 5", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 9 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 7, + "reason": "3 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 759125, + "CodeBytes": 0, + "Lines": 17545, + "Code": 10927, + "Comment": 3307, + "Blank": 3311, + "Complexity": 3481, + "Count": 165, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 112278, + "CodeBytes": 0, + "Lines": 4923, + "Code": 3798, + "Comment": 370, + "Blank": 755, + "Complexity": 0, + "Count": 75, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 120338, + "CodeBytes": 0, + "Lines": 933, + "Code": 864, + "Comment": 0, + "Blank": 69, + "Complexity": 0, + "Count": 58, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 87178, + "CodeBytes": 0, + "Lines": 2719, + "Code": 1133, + "Comment": 1475, + "Blank": 111, + "Complexity": 194, + "Count": 54, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 173624, + "CodeBytes": 0, + "Lines": 1936, + "Code": 1328, + "Comment": 0, + "Blank": 608, + "Complexity": 0, + "Count": 37, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 15548, + "CodeBytes": 0, + "Lines": 31, + "Code": 31, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 7713, + "CodeBytes": 0, + "Lines": 233, + "Code": 220, + "Comment": 4, + "Blank": 9, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 4701, + "CodeBytes": 0, + "Lines": 146, + "Code": 121, + "Comment": 17, + "Blank": 8, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 258514, + "CodeBytes": 0, + "Lines": 4, + "Code": 4, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1570, + "CodeBytes": 0, + "Lines": 40, + "Code": 40, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 1130, + "CodeBytes": 0, + "Lines": 31, + "Code": 10, + "Comment": 17, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 453, + "CodeBytes": 0, + "Lines": 14, + "Code": 9, + "Comment": 1, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 526892.6754798384, + "estimatedScheduleMonths_low": 11.165578854823234, + "estimatedPeople_low": 4.5971685433886025, + "estimatedCost_high": 1642027.6996658326, + "estimatedScheduleMonths_high": 11.165578854823234, + "estimatedPeople_high": 4.5971685433886025, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 165 17545 3311 3307 10927 3481\n(ULOC) 4537\n-------------------------------------------------------------------------------\nSass 75 4923 755 370 3798 0\n(ULOC) 2429\n-------------------------------------------------------------------------------\nCSV 58 933 69 0 864 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nTypeScript Typings 54 2719 111 1475 1133 194\n(ULOC) 1192\n-------------------------------------------------------------------------------\nMarkdown 37 1936 608 0 1328 0\n(ULOC) 900\n-------------------------------------------------------------------------------\nSVG 31 31 0 0 31 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nHTML 7 233 9 4 220 0\n(ULOC) 203\n-------------------------------------------------------------------------------\nYAML 5 146 8 17 121 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nCSS 4 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nJSON 3 40 0 0 40 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nGemfile 1 31 4 17 10 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nMakefile 1 14 4 1 9 0\n(ULOC) 12\n───────────────────────────────────────────────────────────────────────────────\nTotal 441 28555 4879 5191 18485 3675\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 9604\nDRYness % 0.34\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $577,771\nEstimated Schedule Effort (organic) 11.17 months\nEstimated People Required (organic) 4.60\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1542172 bytes, 1.542 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 759125, + "SCSS": 112278, + "HTML": 7713, + "Ruby": 1130, + "Makefile": 453 + }, + "average_issue_resolution_time": [ + [ + "cmcs-dsg-dss-certification-staging", + "44 days 19:42:21" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification/CMCS-DSG-DSS-Certification_data.json b/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification/CMCS-DSG-DSS-Certification_data.json index 5a7598e662..1d880105d3 100644 --- a/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification/CMCS-DSG-DSS-Certification_data.json +++ b/app/site/_data/CMSgov/CMCS-DSG-DSS-Certification/CMCS-DSG-DSS-Certification_data.json @@ -1,430 +1,430 @@ { - "url": "https://github.com/CMSgov/CMCS-DSG-DSS-Certification", - "owner": "CMSgov", - "name": "CMCS-DSG-DSS-Certification", - "description": "This is the PROD repo. Commits made to the main branch of the staging repo (https://github.com/CMSgov/CMCS-DSG-DSS-Certification-Staging) will be automatically merged in and deployed here. Please open Issues and Pull Requests in the Staging repo instead.", - "commits_count": 1041, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 10, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 4, - "closed_pull_requests_count": 6, - "forks_count": 2, - "stargazers_count": 11, - "watchers_count": 15, - "total_project_lines": 28555, - "average_project_lines": 65, - "total_project_comment_lines": 5191, - "average_project_comment_lines": 12, - "total_project_blank_lines": 4879, - "average_blank_lines": 11, - "commits_by_month": { - "2024/9": 12, - "2024/8": 18 + "url": "https://github.com/CMSgov/CMCS-DSG-DSS-Certification", + "owner": "CMSgov", + "name": "CMCS-DSG-DSS-Certification", + "description": "This is the PROD repo. Commits made to the main branch of the staging repo (https://github.com/CMSgov/CMCS-DSG-DSS-Certification-Staging) will be automatically merged in and deployed here. Please open Issues and Pull Requests in the Staging repo instead.", + "commits_count": 1041, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 10, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 4, + "closed_pull_requests_count": 6, + "forks_count": 2, + "stargazers_count": 11, + "watchers_count": 15, + "total_project_lines": 28555, + "average_project_lines": 65, + "total_project_comment_lines": 5191, + "average_project_comment_lines": 12, + "total_project_blank_lines": 4879, + "average_blank_lines": 11, + "commits_by_month": { + "2024/9": 12, + "2024/8": 18 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-11-26T21:22:21Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:36Z", + "repo": { + "name": "github.com/CMSgov/CMCS-DSG-DSS-Certification", + "commit": "585b5a9be6c83a9d5698a6d1db93a78e4fdf6271" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-11-26T21:22:21Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:36Z", - "repo": { - "name": "github.com/CMSgov/CMCS-DSG-DSS-Certification", - "commit": "585b5a9be6c83a9d5698a6d1db93a78e4fdf6271" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 9 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 759125, - "CodeBytes": 0, - "Lines": 17545, - "Code": 10927, - "Comment": 3307, - "Blank": 3311, - "Complexity": 3481, - "Count": 165, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 112278, - "CodeBytes": 0, - "Lines": 4923, - "Code": 3798, - "Comment": 370, - "Blank": 755, - "Complexity": 0, - "Count": 75, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 120338, - "CodeBytes": 0, - "Lines": 933, - "Code": 864, - "Comment": 0, - "Blank": 69, - "Complexity": 0, - "Count": 58, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 87178, - "CodeBytes": 0, - "Lines": 2719, - "Code": 1133, - "Comment": 1475, - "Blank": 111, - "Complexity": 194, - "Count": 54, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 173624, - "CodeBytes": 0, - "Lines": 1936, - "Code": 1328, - "Comment": 0, - "Blank": 608, - "Complexity": 0, - "Count": 37, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 15548, - "CodeBytes": 0, - "Lines": 31, - "Code": 31, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 31, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 7713, - "CodeBytes": 0, - "Lines": 233, - "Code": 220, - "Comment": 4, - "Blank": 9, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 4701, - "CodeBytes": 0, - "Lines": 146, - "Code": 121, - "Comment": 17, - "Blank": 8, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 258514, - "CodeBytes": 0, - "Lines": 4, - "Code": 4, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1570, - "CodeBytes": 0, - "Lines": 40, - "Code": 40, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 1130, - "CodeBytes": 0, - "Lines": 31, - "Code": 10, - "Comment": 17, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 453, - "CodeBytes": 0, - "Lines": 14, - "Code": 9, - "Comment": 1, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 526892.6754798384, - "estimatedScheduleMonths_low": 11.165578854823234, - "estimatedPeople_low": 4.5971685433886025, - "estimatedCost_high": 1642027.6996658326, - "estimatedScheduleMonths_high": 11.165578854823234, - "estimatedPeople_high": 4.5971685433886025, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 165 17545 3311 3307 10927 3481\n(ULOC) 4537\n-------------------------------------------------------------------------------\nSass 75 4923 755 370 3798 0\n(ULOC) 2429\n-------------------------------------------------------------------------------\nCSV 58 933 69 0 864 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nTypeScript Typings 54 2719 111 1475 1133 194\n(ULOC) 1192\n-------------------------------------------------------------------------------\nMarkdown 37 1936 608 0 1328 0\n(ULOC) 900\n-------------------------------------------------------------------------------\nSVG 31 31 0 0 31 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nHTML 7 233 9 4 220 0\n(ULOC) 203\n-------------------------------------------------------------------------------\nYAML 5 146 8 17 121 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nCSS 4 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nJSON 3 40 0 0 40 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nGemfile 1 31 4 17 10 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nMakefile 1 14 4 1 9 0\n(ULOC) 12\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 441 28555 4879 5191 18485 3675\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 9604\nDRYness % 0.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $577,771\nEstimated Schedule Effort (organic) 11.17 months\nEstimated People Required (organic) 4.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1542172 bytes, 1.542 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 759125, - "SCSS": 112278, - "HTML": 7713, - "Ruby": 1130, - "Makefile": 453 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 9 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 7, + "reason": "3 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 759125, + "CodeBytes": 0, + "Lines": 17545, + "Code": 10927, + "Comment": 3307, + "Blank": 3311, + "Complexity": 3481, + "Count": 165, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 112278, + "CodeBytes": 0, + "Lines": 4923, + "Code": 3798, + "Comment": 370, + "Blank": 755, + "Complexity": 0, + "Count": 75, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 120338, + "CodeBytes": 0, + "Lines": 933, + "Code": 864, + "Comment": 0, + "Blank": 69, + "Complexity": 0, + "Count": 58, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 87178, + "CodeBytes": 0, + "Lines": 2719, + "Code": 1133, + "Comment": 1475, + "Blank": 111, + "Complexity": 194, + "Count": 54, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 173624, + "CodeBytes": 0, + "Lines": 1936, + "Code": 1328, + "Comment": 0, + "Blank": 608, + "Complexity": 0, + "Count": 37, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 15548, + "CodeBytes": 0, + "Lines": 31, + "Code": 31, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 7713, + "CodeBytes": 0, + "Lines": 233, + "Code": 220, + "Comment": 4, + "Blank": 9, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 4701, + "CodeBytes": 0, + "Lines": 146, + "Code": 121, + "Comment": 17, + "Blank": 8, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 258514, + "CodeBytes": 0, + "Lines": 4, + "Code": 4, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1570, + "CodeBytes": 0, + "Lines": 40, + "Code": 40, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 1130, + "CodeBytes": 0, + "Lines": 31, + "Code": 10, + "Comment": 17, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 453, + "CodeBytes": 0, + "Lines": 14, + "Code": 9, + "Comment": 1, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 526892.6754798384, + "estimatedScheduleMonths_low": 11.165578854823234, + "estimatedPeople_low": 4.5971685433886025, + "estimatedCost_high": 1642027.6996658326, + "estimatedScheduleMonths_high": 11.165578854823234, + "estimatedPeople_high": 4.5971685433886025, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 165 17545 3311 3307 10927 3481\n(ULOC) 4537\n-------------------------------------------------------------------------------\nSass 75 4923 755 370 3798 0\n(ULOC) 2429\n-------------------------------------------------------------------------------\nCSV 58 933 69 0 864 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nTypeScript Typings 54 2719 111 1475 1133 194\n(ULOC) 1192\n-------------------------------------------------------------------------------\nMarkdown 37 1936 608 0 1328 0\n(ULOC) 900\n-------------------------------------------------------------------------------\nSVG 31 31 0 0 31 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nHTML 7 233 9 4 220 0\n(ULOC) 203\n-------------------------------------------------------------------------------\nYAML 5 146 8 17 121 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nCSS 4 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nJSON 3 40 0 0 40 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nGemfile 1 31 4 17 10 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nMakefile 1 14 4 1 9 0\n(ULOC) 12\n───────────────────────────────────────────────────────────────────────────────\nTotal 441 28555 4879 5191 18485 3675\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 9604\nDRYness % 0.34\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $577,771\nEstimated Schedule Effort (organic) 11.17 months\nEstimated People Required (organic) 4.60\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1542172 bytes, 1.542 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 759125, + "SCSS": 112278, + "HTML": 7713, + "Ruby": 1130, + "Makefile": 453 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/CMCS-DSG-DSS-Oversight/CMCS-DSG-DSS-Oversight_data.json b/app/site/_data/CMSgov/CMCS-DSG-DSS-Oversight/CMCS-DSG-DSS-Oversight_data.json index ba03ee9ca6..910e7f8283 100644 --- a/app/site/_data/CMSgov/CMCS-DSG-DSS-Oversight/CMCS-DSG-DSS-Oversight_data.json +++ b/app/site/_data/CMSgov/CMCS-DSG-DSS-Oversight/CMCS-DSG-DSS-Oversight_data.json @@ -1,284 +1,284 @@ { - "url": "https://github.com/CMSgov/CMCS-DSG-DSS-Oversight", - "owner": "CMSgov", - "name": "CMCS-DSG-DSS-Oversight", - "description": "This repo supports the Division of State Systems ongoing oversight projects.", - "commits_count": 49, - "issues_count": 288, - "open_issues_count": 23, - "closed_issues_count": 265, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 2, - "stargazers_count": 3, - "watchers_count": 17, - "total_project_lines": 63, - "average_project_lines": 13, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 15, - "average_blank_lines": 3, - "commits_by_month": { - "2021/3": 1, - "2021/1": 3, - "2020/12": 4, - "2020/11": 5, - "2020/10": 1, - "2020/8": 15, - "2020/7": 1 + "url": "https://github.com/CMSgov/CMCS-DSG-DSS-Oversight", + "owner": "CMSgov", + "name": "CMCS-DSG-DSS-Oversight", + "description": "This repo supports the Division of State Systems ongoing oversight projects.", + "commits_count": 49, + "issues_count": 288, + "open_issues_count": 23, + "closed_issues_count": 265, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 2, + "stargazers_count": 3, + "watchers_count": 17, + "total_project_lines": 63, + "average_project_lines": 13, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 15, + "average_blank_lines": 3, + "commits_by_month": { + "2021/3": 1, + "2021/1": 3, + "2020/12": 4, + "2020/11": 5, + "2020/10": 1, + "2020/8": 15, + "2020/7": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-06-04T17:51:42Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:39Z", + "repo": { + "name": "github.com/CMSgov/CMCS-DSG-DSS-Oversight", + "commit": "76e63ec213e5ab51cea250265bdff6d70dda98fc" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-06-04T17:51:42Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:39Z", - "repo": { - "name": "github.com/CMSgov/CMCS-DSG-DSS-Oversight", - "commit": "76e63ec213e5ab51cea250265bdff6d70dda98fc" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 1906, - "CodeBytes": 0, - "Lines": 62, - "Code": 47, - "Comment": 0, - "Blank": 15, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 28, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1015.9329191060046, - "estimatedScheduleMonths_low": 1.0380912591205569, - "estimatedPeople_low": 0.09534084719256201, - "estimatedCost_high": 3166.090689446793, - "estimatedScheduleMonths_high": 1.0380912591205569, - "estimatedPeople_high": 0.09534084719256201, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 4 62 15 0 47 0\n(ULOC) 35\n-------------------------------------------------------------------------------\nYAML 1 1 0 0 1 0\n(ULOC) 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 5 63 15 0 48 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 36\nDRYness % 0.57\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,114\nEstimated Schedule Effort (organic) 1.04 months\nEstimated People Required (organic) 0.10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1934 bytes, 0.002 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [ - [ - "cmcs-dsg-dss-oversight", - "40 days 28:42:25.6" - ] + "score": 2.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 1906, + "CodeBytes": 0, + "Lines": 62, + "Code": 47, + "Comment": 0, + "Blank": 15, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 28, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 1015.9329191060046, + "estimatedScheduleMonths_low": 1.0380912591205569, + "estimatedPeople_low": 0.09534084719256201, + "estimatedCost_high": 3166.090689446793, + "estimatedScheduleMonths_high": 1.0380912591205569, + "estimatedPeople_high": 0.09534084719256201, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 4 62 15 0 47 0\n(ULOC) 35\n-------------------------------------------------------------------------------\nYAML 1 1 0 0 1 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 5 63 15 0 48 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 36\nDRYness % 0.57\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,114\nEstimated Schedule Effort (organic) 1.04 months\nEstimated People Required (organic) 0.10\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1934 bytes, 0.002 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [ + [ + "cmcs-dsg-dss-oversight", + "40 days 28:42:25.6" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/CMMI-Health-Equity/CMMI-Health-Equity_data.json b/app/site/_data/CMSgov/CMMI-Health-Equity/CMMI-Health-Equity_data.json index 0734de1c89..9c59421d23 100644 --- a/app/site/_data/CMSgov/CMMI-Health-Equity/CMMI-Health-Equity_data.json +++ b/app/site/_data/CMSgov/CMMI-Health-Equity/CMMI-Health-Equity_data.json @@ -1,258 +1,258 @@ { - "url": "https://github.com/CMSgov/CMMI-Health-Equity", - "owner": "CMSgov", - "name": "CMMI-Health-Equity", - "description": null, - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 6, - "total_project_lines": 132, - "average_project_lines": 66, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 27, - "average_blank_lines": 14, - "commits_by_month": { - "2022/10": 1 + "url": "https://github.com/CMSgov/CMMI-Health-Equity", + "owner": "CMSgov", + "name": "CMMI-Health-Equity", + "description": null, + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 6, + "total_project_lines": 132, + "average_project_lines": 66, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 27, + "average_blank_lines": 14, + "commits_by_month": { + "2022/10": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2022-04-12T17:24:44Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:43Z", + "repo": { + "name": "github.com/CMSgov/CMMI-Health-Equity", + "commit": "0526432a43a133bf9f03db19ce40e9aa9ad05fd1" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2022-04-12T17:24:44Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:43Z", - "repo": { - "name": "github.com/CMSgov/CMMI-Health-Equity", - "commit": "0526432a43a133bf9f03db19ce40e9aa9ad05fd1" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 8175, - "CodeBytes": 0, - "Lines": 132, - "Code": 105, - "Comment": 0, - "Blank": 27, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 2311.056151960821, - "estimatedScheduleMonths_low": 1.4186485250100653, - "estimatedPeople_low": 0.1587030213705032, - "estimatedCost_high": 7202.260334226276, - "estimatedScheduleMonths_high": 1.4186485250100653, - "estimatedPeople_high": 0.1587030213705032, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 2 132 27 0 105 0\n(ULOC) 106\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2 132 27 0 105 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 106\nDRYness % 0.80\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $2,534\nEstimated Schedule Effort (organic) 1.42 months\nEstimated People Required (organic) 0.16\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 8175 bytes, 0.008 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 8175, + "CodeBytes": 0, + "Lines": 132, + "Code": 105, + "Comment": 0, + "Blank": 27, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 2311.056151960821, + "estimatedScheduleMonths_low": 1.4186485250100653, + "estimatedPeople_low": 0.1587030213705032, + "estimatedCost_high": 7202.260334226276, + "estimatedScheduleMonths_high": 1.4186485250100653, + "estimatedPeople_high": 0.1587030213705032, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 2 132 27 0 105 0\n(ULOC) 106\n───────────────────────────────────────────────────────────────────────────────\nTotal 2 132 27 0 105 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 106\nDRYness % 0.80\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,534\nEstimated Schedule Effort (organic) 1.42 months\nEstimated People Required (organic) 0.16\n───────────────────────────────────────────────────────────────────────────────\nProcessed 8175 bytes, 0.008 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/CMS-GoogleMaps-Socrata-Integration/CMS-GoogleMaps-Socrata-Integration_data.json b/app/site/_data/CMSgov/CMS-GoogleMaps-Socrata-Integration/CMS-GoogleMaps-Socrata-Integration_data.json index b9b30d3111..a6cf273b1f 100644 --- a/app/site/_data/CMSgov/CMS-GoogleMaps-Socrata-Integration/CMS-GoogleMaps-Socrata-Integration_data.json +++ b/app/site/_data/CMSgov/CMS-GoogleMaps-Socrata-Integration/CMS-GoogleMaps-Socrata-Integration_data.json @@ -1,305 +1,305 @@ { - "url": "https://github.com/CMSgov/CMS-GoogleMaps-Socrata-Integration", - "owner": "CMSgov", - "name": "CMS-GoogleMaps-Socrata-Integration", - "description": "Google Maps and Socrata Integration (originally developed for innovation.cms.gov)", - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 8, - "stargazers_count": 7, - "watchers_count": 10, - "total_project_lines": 3941, - "average_project_lines": 493, - "total_project_comment_lines": 283, - "average_project_comment_lines": 35, - "total_project_blank_lines": 609, - "average_blank_lines": 76, - "commits_by_month": { - "2013/6": 1 + "url": "https://github.com/CMSgov/CMS-GoogleMaps-Socrata-Integration", + "owner": "CMSgov", + "name": "CMS-GoogleMaps-Socrata-Integration", + "description": "Google Maps and Socrata Integration (originally developed for innovation.cms.gov)", + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 8, + "stargazers_count": 7, + "watchers_count": 10, + "total_project_lines": 3941, + "average_project_lines": 493, + "total_project_comment_lines": 283, + "average_project_comment_lines": 35, + "total_project_blank_lines": 609, + "average_blank_lines": 76, + "commits_by_month": { + "2013/6": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2013-06-13T12:11:21Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:41Z", + "repo": { + "name": "github.com/CMSgov/CMS-GoogleMaps-Socrata-Integration", + "commit": "eb7ef2e72cf506c67ffa42e77e623122118f75f5" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2013-06-13T12:11:21Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:41Z", - "repo": { - "name": "github.com/CMSgov/CMS-GoogleMaps-Socrata-Integration", - "commit": "eb7ef2e72cf506c67ffa42e77e623122118f75f5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 224095, - "CodeBytes": 0, - "Lines": 3130, - "Code": 2431, - "Comment": 246, - "Blank": 453, - "Complexity": 85, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 13094, - "CodeBytes": 0, - "Lines": 672, - "Code": 511, - "Comment": 29, - "Blank": 132, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 5355, - "CodeBytes": 0, - "Lines": 136, - "Code": 105, - "Comment": 8, - "Blank": 23, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 266, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 79419.47818498501, - "estimatedScheduleMonths_low": 5.440002419360171, - "estimatedPeople_low": 1.4222549188723992, - "estimatedCost_high": 247505.7808575322, - "estimatedScheduleMonths_high": 5.440002419360171, - "estimatedPeople_high": 1.4222549188723992, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 4 3130 453 246 2431 85\n(ULOC) 1451\n-------------------------------------------------------------------------------\nCSS 2 672 132 29 511 0\n(ULOC) 322\n-------------------------------------------------------------------------------\nHTML 1 136 23 8 105 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nPlain Text 1 3 1 0 2 0\n(ULOC) 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 8 3941 609 283 3049 85\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1872\nDRYness % 0.48\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $87,088\nEstimated Schedule Effort (organic) 5.44 months\nEstimated People Required (organic) 1.42\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 242810 bytes, 0.243 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 217200 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 224095, + "CodeBytes": 0, + "Lines": 3130, + "Code": 2431, + "Comment": 246, + "Blank": 453, + "Complexity": 85, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 13094, + "CodeBytes": 0, + "Lines": 672, + "Code": 511, + "Comment": 29, + "Blank": 132, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 5355, + "CodeBytes": 0, + "Lines": 136, + "Code": 105, + "Comment": 8, + "Blank": 23, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 266, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 79419.47818498501, + "estimatedScheduleMonths_low": 5.440002419360171, + "estimatedPeople_low": 1.4222549188723992, + "estimatedCost_high": 247505.7808575322, + "estimatedScheduleMonths_high": 5.440002419360171, + "estimatedPeople_high": 1.4222549188723992, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 4 3130 453 246 2431 85\n(ULOC) 1451\n-------------------------------------------------------------------------------\nCSS 2 672 132 29 511 0\n(ULOC) 322\n-------------------------------------------------------------------------------\nHTML 1 136 23 8 105 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nPlain Text 1 3 1 0 2 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 8 3941 609 283 3049 85\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1872\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $87,088\nEstimated Schedule Effort (organic) 5.44 months\nEstimated People Required (organic) 1.42\n───────────────────────────────────────────────────────────────────────────────\nProcessed 242810 bytes, 0.243 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 217200 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/Chargemasters/Chargemasters_data.json b/app/site/_data/CMSgov/Chargemasters/Chargemasters_data.json index 16bb8ed9f2..bef3376e04 100644 --- a/app/site/_data/CMSgov/Chargemasters/Chargemasters_data.json +++ b/app/site/_data/CMSgov/Chargemasters/Chargemasters_data.json @@ -1,273 +1,273 @@ { - "url": "https://github.com/CMSgov/Chargemasters", - "owner": "CMSgov", - "name": "Chargemasters", - "description": null, - "commits_count": 5, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 14, - "average_project_lines": 7, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 1, - "average_blank_lines": 1, - "commits_by_month": { - "2019/2": 5 + "url": "https://github.com/CMSgov/Chargemasters", + "owner": "CMSgov", + "name": "Chargemasters", + "description": null, + "commits_count": 5, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 14, + "average_project_lines": 7, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 1, + "average_blank_lines": 1, + "commits_by_month": { + "2019/2": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2019-02-05T16:14:39Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:52Z", + "repo": { + "name": "github.com/CMSgov/Chargemasters", + "commit": "1797a59e2dea1e11aee16908d89fd50a8073be0f" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2019-02-05T16:14:39Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:52Z", - "repo": { - "name": "github.com/CMSgov/Chargemasters", - "commit": "1797a59e2dea1e11aee16908d89fd50a8073be0f" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/5 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "CSV", - "Bytes": 95, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 921, - "CodeBytes": 0, - "Lines": 13, - "Code": 12, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 257.7521244979255, - "estimatedScheduleMonths_low": 0.6164298744994396, - "estimatedPeople_low": 0.04073503403797182, - "estimatedCost_high": 803.2681943962705, - "estimatedScheduleMonths_high": 0.6164298744994396, - "estimatedPeople_high": 0.04073503403797182, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCSV 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nMarkdown 1 13 1 0 12 0\n(ULOC) 13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2 14 1 0 13 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 14\nDRYness % 1.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $282\nEstimated Schedule Effort (organic) 0.62 months\nEstimated People Required (organic) 0.04\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1016 bytes, 0.001 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/5 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "CSV", + "Bytes": 95, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 921, + "CodeBytes": 0, + "Lines": 13, + "Code": 12, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 257.7521244979255, + "estimatedScheduleMonths_low": 0.6164298744994396, + "estimatedPeople_low": 0.04073503403797182, + "estimatedCost_high": 803.2681943962705, + "estimatedScheduleMonths_high": 0.6164298744994396, + "estimatedPeople_high": 0.04073503403797182, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nCSV 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nMarkdown 1 13 1 0 12 0\n(ULOC) 13\n───────────────────────────────────────────────────────────────────────────────\nTotal 2 14 1 0 13 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 14\nDRYness % 1.00\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $282\nEstimated Schedule Effort (organic) 0.62 months\nEstimated People Required (organic) 0.04\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1016 bytes, 0.001 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ECTA/ECTA_data.json b/app/site/_data/CMSgov/ECTA/ECTA_data.json index 1d3377057b..e544ecc2cb 100644 --- a/app/site/_data/CMSgov/ECTA/ECTA_data.json +++ b/app/site/_data/CMSgov/ECTA/ECTA_data.json @@ -1,302 +1,302 @@ { - "url": "https://github.com/CMSgov/ECTA", - "owner": "CMSgov", - "name": "ECTA", - "description": null, - "commits_count": 206, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 64, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 62, - "closed_pull_requests_count": 2, - "forks_count": 2, - "stargazers_count": 1, - "watchers_count": 4, - "total_project_lines": 258589, - "average_project_lines": 555, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 80, - "average_blank_lines": 0, - "commits_by_month": { - "2025/2": 13, - "2025/1": 8, - "2024/12": 8, - "2024/11": 1 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-05T06:00:00.000Z", - 3 - ] + "url": "https://github.com/CMSgov/ECTA", + "owner": "CMSgov", + "name": "ECTA", + "description": null, + "commits_count": 206, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 64, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 62, + "closed_pull_requests_count": 2, + "forks_count": 2, + "stargazers_count": 1, + "watchers_count": 4, + "total_project_lines": 258589, + "average_project_lines": 555, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 80, + "average_blank_lines": 0, + "commits_by_month": { + "2025/2": 13, + "2025/1": 8, + "2024/12": 8, + "2024/11": 1 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-05T06:00:00.000Z", + 3 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-19T05:00:00.000Z", + 1 + ], + [ + "2024-09-23T05:00:00.000Z", + 2 + ], + [ + "2024-09-25T05:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-19T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 2 - ], - [ - "2024-09-25T05:00:00.000Z", - 1 - ], - [ - "2024-11-25T06:00:00.000Z", - 1 - ], - [ - "2024-12-11T06:00:00.000Z", - 1 - ] + [ + "2024-11-25T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2023-01-09T17:06:00Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:12Z", - "repo": { - "name": "github.com/CMSgov/ECTA", - "commit": "37394b9f2febba19e429d5247c4a4c93aaf9c890" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 11 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + [ + "2024-12-11T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2023-01-09T17:06:00Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:12Z", + "repo": { + "name": "github.com/CMSgov/ECTA", + "commit": "37394b9f2febba19e429d5247c4a4c93aaf9c890" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 10927856, - "CodeBytes": 0, - "Lines": 258533, - "Code": 258471, - "Comment": 0, - "Blank": 62, - "Complexity": 0, - "Count": 458, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 3813, - "CodeBytes": 0, - "Lines": 54, - "Code": 35, - "Comment": 0, - "Blank": 19, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 8407287.377640197, - "estimatedScheduleMonths_low": 31.988660958840697, - "estimatedPeople_low": 25.604089686925224, - "estimatedCost_high": 26200779.39129441, - "estimatedScheduleMonths_high": 31.988660958840697, - "estimatedPeople_high": 25.604089686925224, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 458 258533 62 0 258471 0\n(ULOC) 79420\n-------------------------------------------------------------------------------\nMarkdown 8 54 19 0 35 0\n(ULOC) 36\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 466 258587 81 0 258506 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 79455\nDRYness % 0.31\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,219,120\nEstimated Schedule Effort (organic) 31.99 months\nEstimated People Required (organic) 25.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 10931669 bytes, 10.932 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 11 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 10927998, + "CodeBytes": 0, + "Lines": 258535, + "Code": 258474, + "Comment": 0, + "Blank": 61, + "Complexity": 0, + "Count": 458, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 3813, + "CodeBytes": 0, + "Lines": 54, + "Code": 35, + "Comment": 0, + "Blank": 19, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 8407389.823861653, + "estimatedScheduleMonths_low": 31.988809080329705, + "estimatedPeople_low": 25.604283124160318, + "estimatedCost_high": 26201098.658464335, + "estimatedScheduleMonths_high": 31.988809080329705, + "estimatedPeople_high": 25.604283124160318, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 458 258535 61 0 258474 0\n(ULOC) 79421\n-------------------------------------------------------------------------------\nMarkdown 8 54 19 0 35 0\n(ULOC) 36\n───────────────────────────────────────────────────────────────────────────────\nTotal 466 258589 80 0 258509 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 79456\nDRYness % 0.31\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,219,232\nEstimated Schedule Effort (organic) 31.99 months\nEstimated People Required (organic) 25.60\n───────────────────────────────────────────────────────────────────────────────\nProcessed 10931811 bytes, 10.932 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/GHubSecrtsFlow/GHubSecrtsFlow_data.json b/app/site/_data/CMSgov/GHubSecrtsFlow/GHubSecrtsFlow_data.json index 98ebfa1738..550661135e 100644 --- a/app/site/_data/CMSgov/GHubSecrtsFlow/GHubSecrtsFlow_data.json +++ b/app/site/_data/CMSgov/GHubSecrtsFlow/GHubSecrtsFlow_data.json @@ -1,260 +1,260 @@ { - "url": "https://github.com/CMSgov/GHubSecrtsFlow", - "owner": "CMSgov", - "name": "GHubSecrtsFlow", - "description": null, - "commits_count": 15, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 3, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 3, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 10, - "total_project_lines": 1, - "average_project_lines": 1, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 0, - "average_blank_lines": 0, - "commits_by_month": { - "2022/1": 8, - "2021/12": 3, - "2021/11": 4 + "url": "https://github.com/CMSgov/GHubSecrtsFlow", + "owner": "CMSgov", + "name": "GHubSecrtsFlow", + "description": null, + "commits_count": 15, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 3, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 3, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 10, + "total_project_lines": 1, + "average_project_lines": 1, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 0, + "average_blank_lines": 0, + "commits_by_month": { + "2022/1": 8, + "2021/12": 3, + "2021/11": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2021-11-16T17:30:30Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:21Z", + "repo": { + "name": "github.com/CMSgov/GHubSecrtsFlow", + "commit": "8b4f444f5f1fd174ca75fe6c5bd671d4f82141f2" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2021-11-16T17:30:30Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:21Z", - "repo": { - "name": "github.com/CMSgov/GHubSecrtsFlow", - "commit": "8b4f444f5f1fd174ca75fe6c5bd671d4f82141f2" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/11 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 16, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 17.44061253011111, - "estimatedScheduleMonths_low": 0.2215237428056705, - "estimatedPeople_low": 0.007669922244011662, - "estimatedCost_high": 54.35256591392355, - "estimatedScheduleMonths_high": 0.2215237428056705, - "estimatedPeople_high": 0.007669922244011662, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 1 1 0 0 1 0\n(ULOC) 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1 1 0 0 1 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1\nDRYness % 1.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $19\nEstimated Schedule Effort (organic) 0.22 months\nEstimated People Required (organic) 0.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 16 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/11 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 16, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 17.44061253011111, + "estimatedScheduleMonths_low": 0.2215237428056705, + "estimatedPeople_low": 0.007669922244011662, + "estimatedCost_high": 54.35256591392355, + "estimatedScheduleMonths_high": 0.2215237428056705, + "estimatedPeople_high": 0.007669922244011662, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 1 1 0 0 1 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 1 1 0 0 1 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1\nDRYness % 1.00\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $19\nEstimated Schedule Effort (organic) 0.22 months\nEstimated People Required (organic) 0.01\n───────────────────────────────────────────────────────────────────────────────\nProcessed 16 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/HealthCare.gov-Styleguide/HealthCare.gov-Styleguide_data.json b/app/site/_data/CMSgov/HealthCare.gov-Styleguide/HealthCare.gov-Styleguide_data.json index 3be28231c0..22bb551f56 100644 --- a/app/site/_data/CMSgov/HealthCare.gov-Styleguide/HealthCare.gov-Styleguide_data.json +++ b/app/site/_data/CMSgov/HealthCare.gov-Styleguide/HealthCare.gov-Styleguide_data.json @@ -1,361 +1,361 @@ { - "url": "https://github.com/CMSgov/HealthCare.gov-Styleguide", - "owner": "CMSgov", - "name": "HealthCare.gov-Styleguide", - "description": "CMS Developer Site", - "commits_count": 75, - "issues_count": 15, - "open_issues_count": 3, - "closed_issues_count": 12, - "pull_requests_count": 181, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 174, - "closed_pull_requests_count": 4, - "forks_count": 20, - "stargazers_count": 58, - "watchers_count": 62, - "total_project_lines": 43717, - "average_project_lines": 409, - "total_project_comment_lines": 2133, - "average_project_comment_lines": 20, - "total_project_blank_lines": 2201, - "average_blank_lines": 21, - "commits_by_month": { - "2020/3": 2, - "2015/6": 5, - "2015/5": 7, - "2015/3": 8, - "2015/2": 8 + "url": "https://github.com/CMSgov/HealthCare.gov-Styleguide", + "owner": "CMSgov", + "name": "HealthCare.gov-Styleguide", + "description": "CMS Developer Site", + "commits_count": 75, + "issues_count": 15, + "open_issues_count": 3, + "closed_issues_count": 12, + "pull_requests_count": 181, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 174, + "closed_pull_requests_count": 4, + "forks_count": 20, + "stargazers_count": 58, + "watchers_count": 62, + "total_project_lines": 43717, + "average_project_lines": 409, + "total_project_comment_lines": 2133, + "average_project_comment_lines": 20, + "total_project_blank_lines": 2201, + "average_blank_lines": 21, + "commits_by_month": { + "2020/3": 2, + "2015/6": 5, + "2015/5": 7, + "2015/3": 8, + "2015/2": 8 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2015-02-06T19:04:18Z", + "ossf_scorecard": { + "date": "2025-02-23T16:33:18Z", + "repo": { + "name": "github.com/CMSgov/HealthCare.gov-Styleguide", + "commit": "e9c7e9a5f30410c30f62bbf8c4e0f95186fdad29" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2015-02-06T19:04:18Z", - "ossf_scorecard": { - "date": "2025-02-23T16:33:18Z", - "repo": { - "name": "github.com/CMSgov/HealthCare.gov-Styleguide", - "commit": "e9c7e9a5f30410c30f62bbf8c4e0f95186fdad29" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/29 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "LESS", - "Bytes": 385832, - "CodeBytes": 0, - "Lines": 15319, - "Code": 11466, - "Comment": 1783, - "Blank": 2070, - "Complexity": 0, - "Count": 87, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 1372568, - "CodeBytes": 0, - "Lines": 9144, - "Code": 9138, - "Comment": 2, - "Blank": 4, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 383643, - "CodeBytes": 0, - "Lines": 16491, - "Code": 16169, - "Comment": 322, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 11181, - "CodeBytes": 0, - "Lines": 201, - "Code": 143, - "Comment": 0, - "Blank": 58, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 20834, - "CodeBytes": 0, - "Lines": 215, - "Code": 137, - "Comment": 26, - "Blank": 52, - "Complexity": 18, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 178212, - "CodeBytes": 0, - "Lines": 2344, - "Code": 2328, - "Comment": 0, - "Blank": 16, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 279, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1165831.9923324971, - "estimatedScheduleMonths_low": 15.099010596480644, - "estimatedPeople_low": 7.52206335589824, - "estimatedCost_high": 3633241.6707504927, - "estimatedScheduleMonths_high": 15.099010596480644, - "estimatedPeople_high": 7.52206335589824, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLESS 87 15319 2070 1783 11466 0\n(ULOC) 7503\n-------------------------------------------------------------------------------\nSVG 6 9144 4 2 9138 0\n(ULOC) 4780\n-------------------------------------------------------------------------------\nCSS 4 16491 0 322 16169 0\n(ULOC) 8092\n-------------------------------------------------------------------------------\nMarkdown 4 201 58 0 143 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nJavaScript 3 215 52 26 137 18\n(ULOC) 141\n-------------------------------------------------------------------------------\nHTML 2 2344 16 0 2328 0\n(ULOC) 2179\n-------------------------------------------------------------------------------\nPlain Text 1 3 1 0 2 0\n(ULOC) 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 107 43717 2201 2133 39383 18\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 21794\nDRYness % 0.50\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,278,408\nEstimated Schedule Effort (organic) 15.10 months\nEstimated People Required (organic) 7.52\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2352549 bytes, 2.353 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "CSS": 588677, - "HTML": 178212, - "JavaScript": 5644 - }, - "average_issue_resolution_time": [ - [ - "healthcare.gov-styleguide", - "60 days 17:10:18.333333" - ] + "score": 2.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/29 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "LESS", + "Bytes": 385832, + "CodeBytes": 0, + "Lines": 15319, + "Code": 11466, + "Comment": 1783, + "Blank": 2070, + "Complexity": 0, + "Count": 87, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 1372568, + "CodeBytes": 0, + "Lines": 9144, + "Code": 9138, + "Comment": 2, + "Blank": 4, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 383643, + "CodeBytes": 0, + "Lines": 16491, + "Code": 16169, + "Comment": 322, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 11181, + "CodeBytes": 0, + "Lines": 201, + "Code": 143, + "Comment": 0, + "Blank": 58, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 20834, + "CodeBytes": 0, + "Lines": 215, + "Code": 137, + "Comment": 26, + "Blank": 52, + "Complexity": 18, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 178212, + "CodeBytes": 0, + "Lines": 2344, + "Code": 2328, + "Comment": 0, + "Blank": 16, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 279, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 1165831.9923324971, + "estimatedScheduleMonths_low": 15.099010596480644, + "estimatedPeople_low": 7.52206335589824, + "estimatedCost_high": 3633241.6707504927, + "estimatedScheduleMonths_high": 15.099010596480644, + "estimatedPeople_high": 7.52206335589824, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nLESS 87 15319 2070 1783 11466 0\n(ULOC) 7503\n-------------------------------------------------------------------------------\nSVG 6 9144 4 2 9138 0\n(ULOC) 4780\n-------------------------------------------------------------------------------\nCSS 4 16491 0 322 16169 0\n(ULOC) 8092\n-------------------------------------------------------------------------------\nMarkdown 4 201 58 0 143 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nJavaScript 3 215 52 26 137 18\n(ULOC) 141\n-------------------------------------------------------------------------------\nHTML 2 2344 16 0 2328 0\n(ULOC) 2179\n-------------------------------------------------------------------------------\nPlain Text 1 3 1 0 2 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 107 43717 2201 2133 39383 18\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 21794\nDRYness % 0.50\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,278,408\nEstimated Schedule Effort (organic) 15.10 months\nEstimated People Required (organic) 7.52\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2352549 bytes, 2.353 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "CSS": 588677, + "HTML": 178212, + "JavaScript": 5644 + }, + "average_issue_resolution_time": [ + [ + "healthcare.gov-styleguide", + "60 days 17:10:18.333333" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/Medicaid-Information-Technology-Architecture-MITA/Medicaid-Information-Technology-Architecture-MITA_data.json b/app/site/_data/CMSgov/Medicaid-Information-Technology-Architecture-MITA/Medicaid-Information-Technology-Architecture-MITA_data.json index 1124febc53..5cb5088638 100644 --- a/app/site/_data/CMSgov/Medicaid-Information-Technology-Architecture-MITA/Medicaid-Information-Technology-Architecture-MITA_data.json +++ b/app/site/_data/CMSgov/Medicaid-Information-Technology-Architecture-MITA/Medicaid-Information-Technology-Architecture-MITA_data.json @@ -1,315 +1,315 @@ { - "url": "https://github.com/CMSgov/Medicaid-Information-Technology-Architecture-MITA", - "owner": "CMSgov", - "name": "Medicaid-Information-Technology-Architecture-MITA", - "description": "Site dedicated to providing MITA content to states and partners", - "commits_count": 99, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 8, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 8, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 2, - "watchers_count": 9, - "total_project_lines": 426, - "average_project_lines": 53, - "total_project_comment_lines": 8, - "average_project_comment_lines": 1, - "total_project_blank_lines": 55, - "average_blank_lines": 7, - "commits_by_month": { - "2024/10": 4, - "2024/9": 6, - "2024/8": 12, - "2024/7": 3, - "2024/6": 4, - "2024/5": 1 + "url": "https://github.com/CMSgov/Medicaid-Information-Technology-Architecture-MITA", + "owner": "CMSgov", + "name": "Medicaid-Information-Technology-Architecture-MITA", + "description": "Site dedicated to providing MITA content to states and partners", + "commits_count": 99, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 8, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 8, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 2, + "watchers_count": 9, + "total_project_lines": 426, + "average_project_lines": 53, + "total_project_comment_lines": 8, + "average_project_comment_lines": 1, + "total_project_blank_lines": 55, + "average_blank_lines": 7, + "commits_by_month": { + "2024/10": 4, + "2024/9": 6, + "2024/8": 12, + "2024/7": 3, + "2024/6": 4, + "2024/5": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "created_at": "2024-01-31T16:37:22Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:27Z", + "repo": { + "name": "github.com/CMSgov/Medicaid-Information-Technology-Architecture-MITA", + "commit": "3d005783406f1cb2ed8c081b2f4470f679bd53a6" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "created_at": "2024-01-31T16:37:22Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:27Z", - "repo": { - "name": "github.com/CMSgov/Medicaid-Information-Technology-Architecture-MITA", - "commit": "3d005783406f1cb2ed8c081b2f4470f679bd53a6" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 5 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/25 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 10, - "reason": "GitHub workflow tokens follow principle of least privilege", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "HTML", - "Bytes": 17608, - "CodeBytes": 0, - "Lines": 278, - "Code": 246, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1273, - "CodeBytes": 0, - "Lines": 45, - "Code": 32, - "Comment": 8, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1097, - "CodeBytes": 0, - "Lines": 42, - "Code": 42, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4392, - "CodeBytes": 0, - "Lines": 61, - "Code": 43, - "Comment": 0, - "Blank": 18, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 8500.87616993095, - "estimatedScheduleMonths_low": 2.327142747924924, - "estimatedPeople_low": 0.3558690132215479, - "estimatedCost_high": 26492.44294342054, - "estimatedScheduleMonths_high": 2.327142747924924, - "estimatedPeople_high": 0.3558690132215479, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nHTML 4 278 32 0 246 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nYAML 2 45 5 8 32 0\n(ULOC) 41\n-------------------------------------------------------------------------------\nJSON 1 42 0 0 42 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nMarkdown 1 61 18 0 43 0\n(ULOC) 41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 8 426 55 8 363 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 248\nDRYness % 0.58\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,321\nEstimated Schedule Effort (organic) 2.33 months\nEstimated People Required (organic) 0.36\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 24370 bytes, 0.024 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "HTML": 17608 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 5 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/25 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 10, + "reason": "GitHub workflow tokens follow principle of least privilege", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "HTML", + "Bytes": 17608, + "CodeBytes": 0, + "Lines": 278, + "Code": 246, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1273, + "CodeBytes": 0, + "Lines": 45, + "Code": 32, + "Comment": 8, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1097, + "CodeBytes": 0, + "Lines": 42, + "Code": 42, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4392, + "CodeBytes": 0, + "Lines": 61, + "Code": 43, + "Comment": 0, + "Blank": 18, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 8500.87616993095, + "estimatedScheduleMonths_low": 2.327142747924924, + "estimatedPeople_low": 0.3558690132215479, + "estimatedCost_high": 26492.44294342054, + "estimatedScheduleMonths_high": 2.327142747924924, + "estimatedPeople_high": 0.3558690132215479, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nHTML 4 278 32 0 246 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nYAML 2 45 5 8 32 0\n(ULOC) 41\n-------------------------------------------------------------------------------\nJSON 1 42 0 0 42 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nMarkdown 1 61 18 0 43 0\n(ULOC) 41\n───────────────────────────────────────────────────────────────────────────────\nTotal 8 426 55 8 363 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 248\nDRYness % 0.58\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,321\nEstimated Schedule Effort (organic) 2.33 months\nEstimated People Required (organic) 0.36\n───────────────────────────────────────────────────────────────────────────────\nProcessed 24370 bytes, 0.024 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HTML": 17608 + }, + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/QHP-provider-formulary-APIs/QHP-provider-formulary-APIs_data.json b/app/site/_data/CMSgov/QHP-provider-formulary-APIs/QHP-provider-formulary-APIs_data.json index 67d4ce1e69..9f410ed153 100644 --- a/app/site/_data/CMSgov/QHP-provider-formulary-APIs/QHP-provider-formulary-APIs_data.json +++ b/app/site/_data/CMSgov/QHP-provider-formulary-APIs/QHP-provider-formulary-APIs_data.json @@ -1,318 +1,318 @@ { - "url": "https://github.com/CMSgov/QHP-provider-formulary-APIs", - "owner": "CMSgov", - "name": "QHP-provider-formulary-APIs", - "description": null, - "commits_count": 26, - "issues_count": 28, - "open_issues_count": 25, - "closed_issues_count": 3, - "pull_requests_count": 8, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 4, - "closed_pull_requests_count": 3, - "forks_count": 21, - "stargazers_count": 40, - "watchers_count": 43, - "total_project_lines": 1014, - "average_project_lines": 92, - "total_project_comment_lines": 18, - "average_project_comment_lines": 2, - "total_project_blank_lines": 92, - "average_blank_lines": 8, - "commits_by_month": { - "2019/10": 1, - "2017/12": 1, - "2016/5": 1, - "2015/10": 3, - "2015/9": 7, - "2015/8": 6, - "2015/7": 4, - "2015/5": 2, - "2015/4": 1 + "url": "https://github.com/CMSgov/QHP-provider-formulary-APIs", + "owner": "CMSgov", + "name": "QHP-provider-formulary-APIs", + "description": null, + "commits_count": 26, + "issues_count": 28, + "open_issues_count": 25, + "closed_issues_count": 3, + "pull_requests_count": 8, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 4, + "closed_pull_requests_count": 3, + "forks_count": 21, + "stargazers_count": 40, + "watchers_count": 43, + "total_project_lines": 1014, + "average_project_lines": 92, + "total_project_comment_lines": 18, + "average_project_comment_lines": 2, + "total_project_blank_lines": 92, + "average_blank_lines": 8, + "commits_by_month": { + "2019/10": 1, + "2017/12": 1, + "2016/5": 1, + "2015/10": 3, + "2015/9": 7, + "2015/8": 6, + "2015/7": 4, + "2015/5": 2, + "2015/4": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2015-03-30T15:21:26Z", + "ossf_scorecard": { + "date": "2025-02-23T16:35:19Z", + "repo": { + "name": "github.com/CMSgov/QHP-provider-formulary-APIs", + "commit": "1b667bd691633cd1080878ff44cf44cd38393751" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2015-03-30T15:21:26Z", - "ossf_scorecard": { - "date": "2025-02-23T16:35:19Z", - "repo": { - "name": "github.com/CMSgov/QHP-provider-formulary-APIs", - "commit": "1b667bd691633cd1080878ff44cf44cd38393751" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/26 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 4 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 13448, - "CodeBytes": 0, - "Lines": 435, - "Code": 435, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 4495, - "CodeBytes": 0, - "Lines": 105, - "Code": 79, - "Comment": 18, - "Blank": 8, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 25683, - "CodeBytes": 0, - "Lines": 449, - "Code": 370, - "Comment": 0, - "Blank": 79, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1211, - "CodeBytes": 0, - "Lines": 25, - "Code": 20, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 22158.40957967216, - "estimatedScheduleMonths_low": 3.349125980828976, - "estimatedPeople_low": 0.6445499950860939, - "estimatedCost_high": 69055.28204055419, - "estimatedScheduleMonths_high": 3.349125980828976, - "estimatedPeople_high": 0.6445499950860939, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 6 435 0 0 435 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nHTML 2 105 8 18 79 0\n(ULOC) 74\n-------------------------------------------------------------------------------\nMarkdown 2 449 79 0 370 0\n(ULOC) 247\n-------------------------------------------------------------------------------\nLicense 1 25 5 0 20 0\n(ULOC) 21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 1014 92 18 904 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 425\nDRYness % 0.42\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $24,298\nEstimated Schedule Effort (organic) 3.35 months\nEstimated People Required (organic) 0.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 44837 bytes, 0.045 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "HTML": 4495 - }, - "average_issue_resolution_time": [ - [ - "qhp-provider-formulary-apis", - "258 days 33:35:03.666667" - ] + "score": 2.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/26 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 4 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 13448, + "CodeBytes": 0, + "Lines": 435, + "Code": 435, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 4495, + "CodeBytes": 0, + "Lines": 105, + "Code": 79, + "Comment": 18, + "Blank": 8, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 25683, + "CodeBytes": 0, + "Lines": 449, + "Code": 370, + "Comment": 0, + "Blank": 79, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1211, + "CodeBytes": 0, + "Lines": 25, + "Code": 20, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 22158.40957967216, + "estimatedScheduleMonths_low": 3.349125980828976, + "estimatedPeople_low": 0.6445499950860939, + "estimatedCost_high": 69055.28204055419, + "estimatedScheduleMonths_high": 3.349125980828976, + "estimatedPeople_high": 0.6445499950860939, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 6 435 0 0 435 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nHTML 2 105 8 18 79 0\n(ULOC) 74\n-------------------------------------------------------------------------------\nMarkdown 2 449 79 0 370 0\n(ULOC) 247\n-------------------------------------------------------------------------------\nLicense 1 25 5 0 20 0\n(ULOC) 21\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 1014 92 18 904 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 425\nDRYness % 0.42\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $24,298\nEstimated Schedule Effort (organic) 3.35 months\nEstimated People Required (organic) 0.64\n───────────────────────────────────────────────────────────────────────────────\nProcessed 44837 bytes, 0.045 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HTML": 4495 + }, + "average_issue_resolution_time": [ + [ + "qhp-provider-formulary-apis", + "258 days 33:35:03.666667" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/SMA-Endpoint-Directory/SMA-Endpoint-Directory_data.json b/app/site/_data/CMSgov/SMA-Endpoint-Directory/SMA-Endpoint-Directory_data.json index 596fd310e4..56aef29e06 100644 --- a/app/site/_data/CMSgov/SMA-Endpoint-Directory/SMA-Endpoint-Directory_data.json +++ b/app/site/_data/CMSgov/SMA-Endpoint-Directory/SMA-Endpoint-Directory_data.json @@ -1,275 +1,275 @@ { - "url": "https://github.com/CMSgov/SMA-Endpoint-Directory", - "owner": "CMSgov", - "name": "SMA-Endpoint-Directory", - "description": null, - "commits_count": 15, - "issues_count": 1, - "open_issues_count": 1, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 5, - "stargazers_count": 14, - "watchers_count": 8, - "total_project_lines": 457, - "average_project_lines": 229, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 130, - "average_blank_lines": 65, - "commits_by_month": { - "2023/8": 7, - "2023/7": 2, - "2023/6": 6 + "url": "https://github.com/CMSgov/SMA-Endpoint-Directory", + "owner": "CMSgov", + "name": "SMA-Endpoint-Directory", + "description": null, + "commits_count": 15, + "issues_count": 1, + "open_issues_count": 1, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 5, + "stargazers_count": 14, + "watchers_count": 8, + "total_project_lines": 457, + "average_project_lines": 229, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 130, + "average_blank_lines": 65, + "commits_by_month": { + "2023/8": 7, + "2023/7": 2, + "2023/6": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2023-03-28T13:34:15Z", + "ossf_scorecard": { + "date": "2025-02-23T16:36:56Z", + "repo": { + "name": "github.com/CMSgov/SMA-Endpoint-Directory", + "commit": "2c307c94122fba8f32d665b267e67ffcc1f57846" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2023-03-28T13:34:15Z", - "ossf_scorecard": { - "date": "2025-02-23T16:36:56Z", - "repo": { - "name": "github.com/CMSgov/SMA-Endpoint-Directory", - "commit": "2c307c94122fba8f32d665b267e67ffcc1f57846" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/15 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "CSV", - "Bytes": 52086, - "CodeBytes": 0, - "Lines": 448, - "Code": 322, - "Comment": 0, - "Blank": 126, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 964, - "CodeBytes": 0, - "Lines": 9, - "Code": 5, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 7617.928180935305, - "estimatedScheduleMonths_low": 2.2321574941899915, - "estimatedPeople_low": 0.3324769548273905, - "estimatedCost_high": 23740.791377995483, - "estimatedScheduleMonths_high": 2.2321574941899915, - "estimatedPeople_high": 0.3324769548273905, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCSV 1 448 126 0 322 0\n(ULOC) 225\n-------------------------------------------------------------------------------\nMarkdown 1 9 4 0 5 0\n(ULOC) 6\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2 457 130 0 327 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 230\nDRYness % 0.50\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $8,353\nEstimated Schedule Effort (organic) 2.23 months\nEstimated People Required (organic) 0.33\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 53050 bytes, 0.053 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/15 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "CSV", + "Bytes": 52086, + "CodeBytes": 0, + "Lines": 448, + "Code": 322, + "Comment": 0, + "Blank": 126, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 964, + "CodeBytes": 0, + "Lines": 9, + "Code": 5, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 7617.928180935305, + "estimatedScheduleMonths_low": 2.2321574941899915, + "estimatedPeople_low": 0.3324769548273905, + "estimatedCost_high": 23740.791377995483, + "estimatedScheduleMonths_high": 2.2321574941899915, + "estimatedPeople_high": 0.3324769548273905, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nCSV 1 448 126 0 322 0\n(ULOC) 225\n-------------------------------------------------------------------------------\nMarkdown 1 9 4 0 5 0\n(ULOC) 6\n───────────────────────────────────────────────────────────────────────────────\nTotal 2 457 130 0 327 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 230\nDRYness % 0.50\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,353\nEstimated Schedule Effort (organic) 2.23 months\nEstimated People Required (organic) 0.33\n───────────────────────────────────────────────────────────────────────────────\nProcessed 53050 bytes, 0.053 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code/T-MSIS-Data-Quality-Measures-Generation-Code_data.json b/app/site/_data/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code/T-MSIS-Data-Quality-Measures-Generation-Code_data.json index bf8e55e326..ce2c448d0d 100644 --- a/app/site/_data/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code/T-MSIS-Data-Quality-Measures-Generation-Code_data.json +++ b/app/site/_data/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code/T-MSIS-Data-Quality-Measures-Generation-Code_data.json @@ -1,744 +1,744 @@ { - "url": "https://github.com/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code", - "owner": "CMSgov", - "name": "T-MSIS-Data-Quality-Measures-Generation-Code", - "description": null, - "commits_count": 184, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 33, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 12, - "closed_pull_requests_count": 20, - "forks_count": 2, - "stargazers_count": 20, - "watchers_count": 14, - "total_project_lines": 160949, - "average_project_lines": 952, - "total_project_comment_lines": 14749, - "average_project_comment_lines": 87, - "total_project_blank_lines": 5301, - "average_blank_lines": 31, - "commits_by_month": { - "2025/1": 2, - "2024/12": 6, - "2024/10": 8, - "2024/9": 2, - "2024/8": 2, - "2024/6": 7, - "2024/4": 3 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-19T05:00:00.000Z", - 1 - ], - [ - "2024-10-15T05:00:00.000Z", - 2 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-02-03T18:06:21Z", - "ossf_scorecard": { - "date": "2025-02-23T16:38:52Z", - "repo": { - "name": "github.com/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code", - "commit": "054facf0f1dfd1098dd9c96ac42e2317caafa157" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "2 out of 2 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/28 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 6, - "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 10, - "reason": "GitHub workflow tokens follow principle of least privilege", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 5, - "reason": "5 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Python", - "Bytes": 1771271, - "CodeBytes": 0, - "Lines": 36513, - "Code": 16627, - "Comment": 14726, - "Blank": 5160, - "Complexity": 647, - "Count": 134, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 3791615, - "CodeBytes": 0, - "Lines": 123735, - "Code": 123735, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 23, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 16728, - "CodeBytes": 0, - "Lines": 329, - "Code": 223, - "Comment": 0, - "Blank": 106, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 11465, - "CodeBytes": 0, - "Lines": 129, - "Code": 125, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Jupyter", - "Bytes": 13652, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 140, - "CodeBytes": 0, - "Lines": 13, - "Code": 13, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 2389, - "CodeBytes": 0, - "Lines": 56, - "Code": 48, - "Comment": 8, - "Blank": 0, - "Complexity": 11, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1580, - "CodeBytes": 0, - "Lines": 57, - "Code": 31, - "Comment": 15, - "Blank": 11, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4445476.0665648775, - "estimatedScheduleMonths_low": 25.109367136592304, - "estimatedPeople_low": 17.247732886873322, - "estimatedCost_high": 13854045.006135903, - "estimatedScheduleMonths_high": 25.109367136592304, - "estimatedPeople_high": 17.247732886873322, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPython 134 36513 5160 14726 16627 647\n(ULOC) 9439\n-------------------------------------------------------------------------------\nCSV 23 123735 0 0 123735 0\n(ULOC) 111597\n-------------------------------------------------------------------------------\nMarkdown 4 329 106 0 223 0\n(ULOC) 189\n-------------------------------------------------------------------------------\nBatch 2 129 4 0 125 0\n(ULOC) 126\n-------------------------------------------------------------------------------\nJupyter 2 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nShell 1 56 0 8 48 11\n(ULOC) 50\n-------------------------------------------------------------------------------\nYAML 1 57 11 15 31 0\n(ULOC) 45\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 169 160950 5301 14749 140900 658\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 121535\nDRYness % 0.76\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $4,874,744\nEstimated Schedule Effort (organic) 25.11 months\nEstimated People Required (organic) 17.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 5615395 bytes, 5.615 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code", + "owner": "CMSgov", + "name": "T-MSIS-Data-Quality-Measures-Generation-Code", + "description": null, + "commits_count": 184, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 33, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 12, + "closed_pull_requests_count": 20, + "forks_count": 2, + "stargazers_count": 20, + "watchers_count": 14, + "total_project_lines": 160949, + "average_project_lines": 952, + "total_project_comment_lines": 14749, + "average_project_comment_lines": 87, + "total_project_blank_lines": 5301, + "average_blank_lines": 31, + "commits_by_month": { + "2025/1": 2, + "2024/12": 6, + "2024/10": 8, + "2024/9": 2, + "2024/8": 2, + "2024/6": 7, + "2024/4": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-19T05:00:00.000Z", + 1 + ], + [ + "2024-10-15T05:00:00.000Z", + 2 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-02-03T18:06:21Z", + "ossf_scorecard": { + "date": "2025-02-23T16:38:52Z", + "repo": { + "name": "github.com/CMSgov/T-MSIS-Data-Quality-Measures-Generation-Code", + "commit": "054facf0f1dfd1098dd9c96ac42e2317caafa157" }, - "predominant_langs": { - "Python": 1771271, - "Jupyter Notebook": 13652, - "Batchfile": 11465, - "Shell": 2389 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "Babel", - 2.4876712329, - "2023-11-29T02:46:00.000" - ], - [ - "Jinja2", - 0.9424657534, - "2023-11-29T02:46:00.000" - ], - [ - "MarkupSafe", - 2.0410958904, - "2023-11-29T02:46:00.000" - ], - [ - "PyYAML", - 2.4876712329, - "2023-11-29T02:46:00.000" - ], - [ - "Pygments", - 2.5534246575, - "2023-11-29T02:46:00.000" - ], - [ - "Sphinx", - 2.1342465753, - "2023-11-29T02:46:00.000" - ], - [ - "alabaster", - 4.2821917808, - "2023-11-29T02:46:00.000" - ], - [ - "astroid", - 2.5506849315, - "2023-11-29T02:46:00.000" - ], - [ - "attrs", - 1.9424657534, - "2023-11-29T02:46:00.000" - ], - [ - "autoflake", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "awscli", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "bandit", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "black", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "boto3", - 0.0, - "2023-11-29T02:46:00.000" - ], - [ - "certifi", - 2.4684931507, - "2023-11-29T02:46:00.000" - ], - [ - "charset-normalizer", - 2.2931506849, - "2023-11-29T02:46:00.000" - ], - [ - "click", - 2.2438356164, - "2023-11-29T02:46:00.000" - ], - [ - "colorama", - 2.0246575342, - "2023-11-29T02:46:00.000" - ], - [ - "databricks-cli", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "databricks-cli", - 2.5534246575, - "2023-11-29T02:46:00.000" - ], - [ - "docutils", - 3.3424657534, - "2023-11-29T02:46:00.000" - ], - [ - "flake8", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "flake8", - 2.2219178082, - "2023-11-29T02:46:00.000" - ], - [ - "flake8-bugbear", - 2.6547945205, - "2023-11-29T02:46:00.000" - ], - [ - "flake8-comprehensions", - 1.898630137, - "2023-11-29T02:46:00.000" - ], - [ - "idna", - 2.4904109589, - "2023-11-29T02:46:00.000" - ], - [ - "imagesize", - 2.5123287671, - "2023-11-29T02:46:00.000" - ], - [ - "isort", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "isort", - 1.8575342466, - "2023-11-29T02:46:00.000" - ], - [ - "koalas", - 0.3369863014, - "2023-11-29T02:46:00.000" - ], - [ - "lazy-object-proxy", - 1.7863013699, - "2023-11-29T02:46:00.000" - ], - [ - "markdown-it-py", - 2.0712328767, - "2023-11-29T02:46:00.000" - ], - [ - "mccabe", - 4.9945205479, - "2023-11-29T02:46:00.000" - ], - [ - "mdit-py-plugins", - 2.0876712329, - "2023-11-29T02:46:00.000" - ], - [ - "myst-parser", - 1.9863013699, - "2023-11-29T02:46:00.000" - ], - [ - "numpy", - 2.6273972603, - "2023-11-29T02:46:00.000" - ], - [ - "numpy", - 3.1534246575, - "2025-03-01T19:07:00.000" - ], - [ - "packaging", - 2.2465753425, - "2023-11-29T02:46:00.000" - ], - [ - "pandas", - 2.0575342466, - "2025-03-01T19:07:00.000" - ], - [ - "pandas", - 2.5808219178, - "2023-11-29T02:46:00.000" - ], - [ - "pep8", - 0.0, - "2023-11-29T02:46:00.000" - ], - [ - "pip", - 1.6246575342, - "2023-11-29T02:46:00.000" - ], - [ - "py4j", - 2.5479452055, - "2023-11-29T02:46:00.000" - ], - [ - "pyarrow", - 2.2794520548, - "2023-11-29T02:46:00.000" - ], - [ - "pycodestyle", - 2.5808219178, - "2023-11-29T02:46:00.000" - ], - [ - "pylint", - 2.5643835616, - "2023-11-29T02:46:00.000" - ], - [ - "pyparsing", - 3.3150684932, - "2023-11-29T02:46:00.000" - ], - [ - "pyspark", - 1.8767123288, - "2025-03-01T19:07:00.000" - ], - [ - "pyspark", - 2.5698630137, - "2023-11-29T02:46:00.000" - ], - [ - "pytest", - 0.0, - "2025-03-01T19:07:00.000" - ], - [ - "python-dateutil", - 1.695890411, - "2023-11-29T02:46:00.000" - ], - [ - "pytz", - 2.5890410959, - "2023-11-29T02:46:00.000" - ], - [ - "requests", - 1.8575342466, - "2023-11-29T02:46:00.000" - ], - [ - "setuptools", - 2.5698630137, - "2025-03-01T19:07:00.000" - ], - [ - "setuptools", - 3.304109589, - "2023-11-29T02:46:00.000" - ], - [ - "six", - 0.9534246575, - "2023-11-29T02:46:00.000" - ], - [ - "snowballstemmer", - 0.8191780822, - "2023-11-29T02:46:00.000" - ], - [ - "sphinx-rtd-theme", - 2.6465753425, - "2023-11-29T02:46:00.000" - ], - [ - "sphinxcontrib-applehelp", - 3.4575342466, - "2023-11-29T02:46:00.000" - ], - [ - "sphinxcontrib-devhelp", - 3.4575342466, - "2023-11-29T02:46:00.000" - ], - [ - "sphinxcontrib-htmlhelp", - 2.2301369863, - "2023-11-29T02:46:00.000" - ], - [ - "sphinxcontrib-jsmath", - 0.0, - "2023-11-29T02:46:00.000" - ], - [ - "sphinxcontrib-qthelp", - 3.4575342466, - "2023-11-29T02:46:00.000" - ], - [ - "sphinxcontrib-serializinghtml", - 2.2465753425, - "2023-11-29T02:46:00.000" - ], - [ - "tabulate", - 1.6191780822, - "2023-11-29T02:46:00.000" - ], - [ - "toml", - 0.0, - "2023-11-29T02:46:00.000" - ], - [ - "urllib3", - 2.3835616438, - "2023-11-29T02:46:00.000" - ], - [ - "wheel", - 2.9205479452, - "2025-03-01T19:07:00.000" - ], - [ - "wheel", - 2.9506849315, - "2023-11-29T02:46:00.000" - ] + "score": 4.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "2 out of 2 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/28 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 6, + "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 10, + "reason": "GitHub workflow tokens follow principle of least privilege", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 5, + "reason": "5 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Python", + "Bytes": 1771271, + "CodeBytes": 0, + "Lines": 36513, + "Code": 16627, + "Comment": 14726, + "Blank": 5160, + "Complexity": 647, + "Count": 134, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 3791615, + "CodeBytes": 0, + "Lines": 123735, + "Code": 123735, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 23, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 16728, + "CodeBytes": 0, + "Lines": 329, + "Code": 223, + "Comment": 0, + "Blank": 106, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 11465, + "CodeBytes": 0, + "Lines": 129, + "Code": 125, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Jupyter", + "Bytes": 13652, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 140, + "CodeBytes": 0, + "Lines": 13, + "Code": 13, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 2389, + "CodeBytes": 0, + "Lines": 56, + "Code": 48, + "Comment": 8, + "Blank": 0, + "Complexity": 11, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1580, + "CodeBytes": 0, + "Lines": 57, + "Code": 31, + "Comment": 15, + "Blank": 11, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4445476.0665648775, + "estimatedScheduleMonths_low": 25.109367136592304, + "estimatedPeople_low": 17.247732886873322, + "estimatedCost_high": 13854045.006135903, + "estimatedScheduleMonths_high": 25.109367136592304, + "estimatedPeople_high": 17.247732886873322, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPython 134 36513 5160 14726 16627 647\n(ULOC) 9439\n-------------------------------------------------------------------------------\nCSV 23 123735 0 0 123735 0\n(ULOC) 111597\n-------------------------------------------------------------------------------\nMarkdown 4 329 106 0 223 0\n(ULOC) 189\n-------------------------------------------------------------------------------\nBatch 2 129 4 0 125 0\n(ULOC) 126\n-------------------------------------------------------------------------------\nJupyter 2 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nShell 1 56 0 8 48 11\n(ULOC) 50\n-------------------------------------------------------------------------------\nYAML 1 57 11 15 31 0\n(ULOC) 45\n───────────────────────────────────────────────────────────────────────────────\nTotal 169 160950 5301 14749 140900 658\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 121535\nDRYness % 0.76\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,874,744\nEstimated Schedule Effort (organic) 25.11 months\nEstimated People Required (organic) 17.25\n───────────────────────────────────────────────────────────────────────────────\nProcessed 5615395 bytes, 5.615 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 1771271, + "Jupyter Notebook": 13652, + "Batchfile": 11465, + "Shell": 2389 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "Babel", + 2.4876712329, + "2023-11-29T02:46:00.000" + ], + [ + "Jinja2", + 0.9424657534, + "2023-11-29T02:46:00.000" + ], + [ + "MarkupSafe", + 2.0410958904, + "2023-11-29T02:46:00.000" + ], + [ + "PyYAML", + 2.4876712329, + "2023-11-29T02:46:00.000" + ], + [ + "Pygments", + 2.5534246575, + "2023-11-29T02:46:00.000" + ], + [ + "Sphinx", + 2.1342465753, + "2023-11-29T02:46:00.000" + ], + [ + "alabaster", + 4.2821917808, + "2023-11-29T02:46:00.000" + ], + [ + "astroid", + 2.5506849315, + "2023-11-29T02:46:00.000" + ], + [ + "attrs", + 1.9424657534, + "2023-11-29T02:46:00.000" + ], + [ + "autoflake", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "awscli", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "bandit", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "black", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "boto3", + 0.0, + "2023-11-29T02:46:00.000" + ], + [ + "certifi", + 2.4684931507, + "2023-11-29T02:46:00.000" + ], + [ + "charset-normalizer", + 2.2931506849, + "2023-11-29T02:46:00.000" + ], + [ + "click", + 2.2438356164, + "2023-11-29T02:46:00.000" + ], + [ + "colorama", + 2.0246575342, + "2023-11-29T02:46:00.000" + ], + [ + "databricks-cli", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "databricks-cli", + 2.5534246575, + "2023-11-29T02:46:00.000" + ], + [ + "docutils", + 3.3424657534, + "2023-11-29T02:46:00.000" + ], + [ + "flake8", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "flake8", + 2.2219178082, + "2023-11-29T02:46:00.000" + ], + [ + "flake8-bugbear", + 2.6547945205, + "2023-11-29T02:46:00.000" + ], + [ + "flake8-comprehensions", + 1.898630137, + "2023-11-29T02:46:00.000" + ], + [ + "idna", + 2.4904109589, + "2023-11-29T02:46:00.000" + ], + [ + "imagesize", + 2.5123287671, + "2023-11-29T02:46:00.000" + ], + [ + "isort", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "isort", + 1.8575342466, + "2023-11-29T02:46:00.000" + ], + [ + "koalas", + 0.3369863014, + "2023-11-29T02:46:00.000" + ], + [ + "lazy-object-proxy", + 1.7863013699, + "2023-11-29T02:46:00.000" + ], + [ + "markdown-it-py", + 2.0712328767, + "2023-11-29T02:46:00.000" + ], + [ + "mccabe", + 4.9945205479, + "2023-11-29T02:46:00.000" + ], + [ + "mdit-py-plugins", + 2.0876712329, + "2023-11-29T02:46:00.000" + ], + [ + "myst-parser", + 1.9863013699, + "2023-11-29T02:46:00.000" + ], + [ + "numpy", + 2.6273972603, + "2023-11-29T02:46:00.000" + ], + [ + "numpy", + 3.1534246575, + "2025-03-01T19:07:00.000" + ], + [ + "packaging", + 2.2465753425, + "2023-11-29T02:46:00.000" + ], + [ + "pandas", + 2.0575342466, + "2025-03-01T19:07:00.000" + ], + [ + "pandas", + 2.5808219178, + "2023-11-29T02:46:00.000" + ], + [ + "pep8", + 0.0, + "2023-11-29T02:46:00.000" + ], + [ + "pip", + 1.6246575342, + "2023-11-29T02:46:00.000" + ], + [ + "py4j", + 2.5479452055, + "2023-11-29T02:46:00.000" + ], + [ + "pyarrow", + 2.2794520548, + "2023-11-29T02:46:00.000" + ], + [ + "pycodestyle", + 2.5808219178, + "2023-11-29T02:46:00.000" + ], + [ + "pylint", + 2.5643835616, + "2023-11-29T02:46:00.000" + ], + [ + "pyparsing", + 3.3150684932, + "2023-11-29T02:46:00.000" + ], + [ + "pyspark", + 1.8767123288, + "2025-03-01T19:07:00.000" + ], + [ + "pyspark", + 2.5698630137, + "2023-11-29T02:46:00.000" + ], + [ + "pytest", + 0.0, + "2025-03-01T19:07:00.000" + ], + [ + "python-dateutil", + 1.695890411, + "2023-11-29T02:46:00.000" + ], + [ + "pytz", + 2.5890410959, + "2023-11-29T02:46:00.000" + ], + [ + "requests", + 1.8575342466, + "2023-11-29T02:46:00.000" + ], + [ + "setuptools", + 2.5698630137, + "2025-03-01T19:07:00.000" + ], + [ + "setuptools", + 3.304109589, + "2023-11-29T02:46:00.000" + ], + [ + "six", + 0.9534246575, + "2023-11-29T02:46:00.000" + ], + [ + "snowballstemmer", + 0.8191780822, + "2023-11-29T02:46:00.000" + ], + [ + "sphinx-rtd-theme", + 2.6465753425, + "2023-11-29T02:46:00.000" + ], + [ + "sphinxcontrib-applehelp", + 3.4575342466, + "2023-11-29T02:46:00.000" + ], + [ + "sphinxcontrib-devhelp", + 3.4575342466, + "2023-11-29T02:46:00.000" + ], + [ + "sphinxcontrib-htmlhelp", + 2.2301369863, + "2023-11-29T02:46:00.000" + ], + [ + "sphinxcontrib-jsmath", + 0.0, + "2023-11-29T02:46:00.000" + ], + [ + "sphinxcontrib-qthelp", + 3.4575342466, + "2023-11-29T02:46:00.000" + ], + [ + "sphinxcontrib-serializinghtml", + 2.2465753425, + "2023-11-29T02:46:00.000" + ], + [ + "tabulate", + 1.6191780822, + "2023-11-29T02:46:00.000" + ], + [ + "toml", + 0.0, + "2023-11-29T02:46:00.000" + ], + [ + "urllib3", + 2.3835616438, + "2023-11-29T02:46:00.000" + ], + [ + "wheel", + 2.9205479452, + "2025-03-01T19:07:00.000" + ], + [ + "wheel", + 2.9506849315, + "2023-11-29T02:46:00.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/ab2d-bcda-dpc-platform/ab2d-bcda-dpc-platform_data.json b/app/site/_data/CMSgov/ab2d-bcda-dpc-platform/ab2d-bcda-dpc-platform_data.json index 92de9308f4..5fec4285e0 100644 --- a/app/site/_data/CMSgov/ab2d-bcda-dpc-platform/ab2d-bcda-dpc-platform_data.json +++ b/app/site/_data/CMSgov/ab2d-bcda-dpc-platform/ab2d-bcda-dpc-platform_data.json @@ -1,613 +1,613 @@ { - "url": "https://github.com/CMSgov/ab2d-bcda-dpc-platform", - "owner": "CMSgov", - "name": "ab2d-bcda-dpc-platform", - "description": "Platform team code for supporting AB2D, BCDA, and DPC.", - "commits_count": 172, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 185, - "open_pull_requests_count": 5, - "merged_pull_requests_count": 163, - "closed_pull_requests_count": 17, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 11, - "total_project_lines": 54025, - "average_project_lines": 307, - "total_project_comment_lines": 2793, - "average_project_comment_lines": 16, - "total_project_blank_lines": 4923, - "average_blank_lines": 28, - "commits_by_month": { - "2025/2": 11, - "2025/1": 16, - "2024/12": 2, - "2024/11": 1 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-16T05:00:00.000Z", - 1 - ], - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-09-24T05:00:00.000Z", - 1 - ], - [ - "2024-10-29T05:00:00.000Z", - 1 - ], - [ - "2024-11-14T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2023-04-04T12:40:46Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:40Z", - "repo": { - "name": "github.com/CMSgov/ab2d-bcda-dpc-platform", - "commit": "b93e40fa10e5b844e75aecf1d654f9505268164e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 5, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 9, - "reason": "28 out of 29 merged PRs checked by a CI test -- score normalized to 9", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 29/30 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 12 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "29 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 7, - "reason": "SAST tool detected but not run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 121422, - "CodeBytes": 0, - "Lines": 4570, - "Code": 3171, - "Comment": 890, - "Blank": 509, - "Complexity": 314, - "Count": 104, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 67072, - "CodeBytes": 0, - "Lines": 2017, - "Code": 1837, - "Comment": 49, - "Blank": 131, - "Complexity": 0, - "Count": 46, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 16928, - "CodeBytes": 0, - "Lines": 412, - "Code": 267, - "Comment": 0, - "Blank": 145, - "Complexity": 0, - "Count": 26, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 6238, - "CodeBytes": 0, - "Lines": 225, - "Code": 210, - "Comment": 0, - "Blank": 15, - "Complexity": 14, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 2211, - "CodeBytes": 0, - "Lines": 79, - "Code": 52, - "Comment": 11, - "Blank": 16, - "Complexity": 10, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 5076, - "CodeBytes": 0, - "Lines": 123, - "Code": 123, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 15788, - "CodeBytes": 0, - "Lines": 419, - "Code": 313, - "Comment": 31, - "Blank": 75, - "Complexity": 58, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HCL", - "Bytes": 4198, - "CodeBytes": 0, - "Lines": 156, - "Code": 131, - "Comment": 3, - "Blank": 22, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1448853, - "CodeBytes": 0, - "Lines": 35290, - "Code": 31229, - "Comment": 1832, - "Blank": 2229, - "Complexity": 2887, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 17264, - "CodeBytes": 0, - "Lines": 448, - "Code": 371, - "Comment": 44, - "Blank": 33, - "Complexity": 26, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1096, - "CodeBytes": 0, - "Lines": 22, - "Code": 17, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 623310, - "CodeBytes": 0, - "Lines": 11179, - "Code": 9338, - "Comment": 0, - "Blank": 1841, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1405738.0123271819, - "estimatedScheduleMonths_low": 16.211772080733688, - "estimatedPeople_low": 8.447406768337913, - "estimatedCost_high": 4380893.609144028, - "estimatedScheduleMonths_high": 16.211772080733688, - "estimatedPeople_high": 8.447406768337913, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 104 4570 509 890 3171 314\n(ULOC) 1823\n-------------------------------------------------------------------------------\nYAML 46 2017 131 49 1837 0\n(ULOC) 378\n-------------------------------------------------------------------------------\nMarkdown 26 412 145 0 267 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nTypeScript 5 225 15 0 210 14\n(ULOC) 150\n-------------------------------------------------------------------------------\nBASH 4 79 16 11 52 10\n(ULOC) 37\n-------------------------------------------------------------------------------\nJSON 4 123 0 0 123 0\n(ULOC) 113\n-------------------------------------------------------------------------------\nShell 4 419 75 31 313 58\n(ULOC) 264\n-------------------------------------------------------------------------------\nHCL 3 156 22 3 131 0\n(ULOC) 96\n-------------------------------------------------------------------------------\nJavaScript 3 35290 2229 1832 31229 2887\n(ULOC) 16558\n-------------------------------------------------------------------------------\nPython 2 448 33 44 371 26\n(ULOC) 320\n-------------------------------------------------------------------------------\nLicense 1 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nPlain Text 1 11179 1841 0 9338 0\n(ULOC) 290\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 204 54949 5023 2860 47066 3309\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 20117\nDRYness % 0.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,541,480\nEstimated Schedule Effort (organic) 16.21 months\nEstimated People Required (organic) 8.45\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2329838 bytes, 2.330 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/ab2d-bcda-dpc-platform", + "owner": "CMSgov", + "name": "ab2d-bcda-dpc-platform", + "description": "Platform team code for supporting AB2D, BCDA, and DPC.", + "commits_count": 172, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 185, + "open_pull_requests_count": 5, + "merged_pull_requests_count": 163, + "closed_pull_requests_count": 17, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 11, + "total_project_lines": 54025, + "average_project_lines": 307, + "total_project_comment_lines": 2793, + "average_project_comment_lines": 16, + "total_project_blank_lines": 4923, + "average_blank_lines": 28, + "commits_by_month": { + "2025/2": 11, + "2025/1": 16, + "2024/12": 2, + "2024/11": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-16T05:00:00.000Z", + 1 + ], + [ + "2024-09-17T05:00:00.000Z", + 1 + ], + [ + "2024-09-23T05:00:00.000Z", + 1 + ], + [ + "2024-09-24T05:00:00.000Z", + 1 + ], + [ + "2024-10-29T05:00:00.000Z", + 1 + ], + [ + "2024-11-14T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2023-04-04T12:40:46Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:40Z", + "repo": { + "name": "github.com/CMSgov/ab2d-bcda-dpc-platform", + "commit": "b93e40fa10e5b844e75aecf1d654f9505268164e" }, - "predominant_langs": { - "HCL": 125620, - "Shell": 17999, - "Python": 17264, - "TypeScript": 6238, - "JavaScript": 172 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@actions/core", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "@aws-sdk/client-ssm", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "@types/node", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 1.3150684932, - "2025-03-01T19:07:01.000" - ], - [ - "@vercel/ncc", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "aws-sdk-client-mock", - 1.304109589, - "2025-03-01T19:07:01.000" - ], - [ - "boto3", - 0.4904109589, - "2024-06-18T11:33:23.000" - ], - [ - "botocore", - 0.4904109589, - "2024-06-18T11:33:23.000" - ], - [ - "certifi", - 0.5369863014, - "2024-06-18T11:33:23.000" - ], - [ - "charset-normalizer", - 0.0, - "2024-06-18T11:33:23.000" - ], - [ - "docopt", - 0.0, - "2024-06-18T11:33:23.000" - ], - [ - "eslint", - 0.4328767123, - "2025-03-01T19:07:01.000" - ], - [ - "eslint-plugin-github", - 1.5534246575, - "2025-03-01T19:07:01.000" - ], - [ - "eslint-plugin-jest", - 0.9123287671, - "2025-03-01T19:07:01.000" - ], - [ - "idna", - 0.0, - "2024-06-18T11:33:23.000" - ], - [ - "jest", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "jmespath", - 0.0, - "2024-06-18T11:33:23.000" - ], - [ - "js-yaml", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "pipreqs", - 0.8493150685, - "2024-06-18T11:33:23.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "python-dateutil", - 2.6328767123, - "2024-06-18T11:33:23.000" - ], - [ - "requests", - 1.0219178082, - "2024-06-18T11:33:23.000" - ], - [ - "s3transfer", - 0.2493150685, - "2024-06-18T11:33:23.000" - ], - [ - "six", - 0.0, - "2024-06-18T11:33:23.000" - ], - [ - "ts-jest", - 0.0, - "2025-03-01T19:07:01.000" - ], - [ - "typescript", - -0.002739726, - "2025-03-01T19:07:01.000" - ], - [ - "urllib3", - 0.6657534247, - "2024-06-18T11:33:23.000" - ], - [ - "yarg", - 0.0, - "2024-06-18T11:33:23.000" - ] + "score": 6.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 5, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 9, + "reason": "28 out of 29 merged PRs checked by a CI test -- score normalized to 9", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 29/30 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 12 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "29 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 7, + "reason": "SAST tool detected but not run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 7, + "reason": "3 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 121422, + "CodeBytes": 0, + "Lines": 4570, + "Code": 3171, + "Comment": 890, + "Blank": 509, + "Complexity": 314, + "Count": 104, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 67072, + "CodeBytes": 0, + "Lines": 2017, + "Code": 1837, + "Comment": 49, + "Blank": 131, + "Complexity": 0, + "Count": 46, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 16928, + "CodeBytes": 0, + "Lines": 412, + "Code": 267, + "Comment": 0, + "Blank": 145, + "Complexity": 0, + "Count": 26, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 6238, + "CodeBytes": 0, + "Lines": 225, + "Code": 210, + "Comment": 0, + "Blank": 15, + "Complexity": 14, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 2211, + "CodeBytes": 0, + "Lines": 79, + "Code": 52, + "Comment": 11, + "Blank": 16, + "Complexity": 10, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 5076, + "CodeBytes": 0, + "Lines": 123, + "Code": 123, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 15788, + "CodeBytes": 0, + "Lines": 419, + "Code": 313, + "Comment": 31, + "Blank": 75, + "Complexity": 58, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HCL", + "Bytes": 4198, + "CodeBytes": 0, + "Lines": 156, + "Code": 131, + "Comment": 3, + "Blank": 22, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1448853, + "CodeBytes": 0, + "Lines": 35290, + "Code": 31229, + "Comment": 1832, + "Blank": 2229, + "Complexity": 2887, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 17264, + "CodeBytes": 0, + "Lines": 448, + "Code": 371, + "Comment": 44, + "Blank": 33, + "Complexity": 26, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1096, + "CodeBytes": 0, + "Lines": 22, + "Code": 17, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 623310, + "CodeBytes": 0, + "Lines": 11179, + "Code": 9338, + "Comment": 0, + "Blank": 1841, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1405738.0123271819, + "estimatedScheduleMonths_low": 16.211772080733688, + "estimatedPeople_low": 8.447406768337913, + "estimatedCost_high": 4380893.609144028, + "estimatedScheduleMonths_high": 16.211772080733688, + "estimatedPeople_high": 8.447406768337913, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 104 4570 509 890 3171 314\n(ULOC) 1823\n-------------------------------------------------------------------------------\nYAML 46 2017 131 49 1837 0\n(ULOC) 378\n-------------------------------------------------------------------------------\nMarkdown 26 412 145 0 267 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nTypeScript 5 225 15 0 210 14\n(ULOC) 150\n-------------------------------------------------------------------------------\nBASH 4 79 16 11 52 10\n(ULOC) 37\n-------------------------------------------------------------------------------\nJSON 4 123 0 0 123 0\n(ULOC) 113\n-------------------------------------------------------------------------------\nShell 4 419 75 31 313 58\n(ULOC) 264\n-------------------------------------------------------------------------------\nHCL 3 156 22 3 131 0\n(ULOC) 96\n-------------------------------------------------------------------------------\nJavaScript 3 35290 2229 1832 31229 2887\n(ULOC) 16558\n-------------------------------------------------------------------------------\nPython 2 448 33 44 371 26\n(ULOC) 320\n-------------------------------------------------------------------------------\nLicense 1 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nPlain Text 1 11179 1841 0 9338 0\n(ULOC) 290\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 204 54949 5023 2860 47066 3309\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 20117\nDRYness % 0.37\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,541,480\nEstimated Schedule Effort (organic) 16.21 months\nEstimated People Required (organic) 8.45\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2329838 bytes, 2.330 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HCL": 125620, + "Shell": 17999, + "Python": 17264, + "TypeScript": 6238, + "JavaScript": 172 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@actions/core", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "@aws-sdk/client-ssm", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "@types/node", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 1.3150684932, + "2025-03-01T19:07:01.000" + ], + [ + "@vercel/ncc", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "aws-sdk-client-mock", + 1.304109589, + "2025-03-01T19:07:01.000" + ], + [ + "boto3", + 0.4904109589, + "2024-06-18T11:33:23.000" + ], + [ + "botocore", + 0.4904109589, + "2024-06-18T11:33:23.000" + ], + [ + "certifi", + 0.5369863014, + "2024-06-18T11:33:23.000" + ], + [ + "charset-normalizer", + 0.0, + "2024-06-18T11:33:23.000" + ], + [ + "docopt", + 0.0, + "2024-06-18T11:33:23.000" + ], + [ + "eslint", + 0.4328767123, + "2025-03-01T19:07:01.000" + ], + [ + "eslint-plugin-github", + 1.5534246575, + "2025-03-01T19:07:01.000" + ], + [ + "eslint-plugin-jest", + 0.9123287671, + "2025-03-01T19:07:01.000" + ], + [ + "idna", + 0.0, + "2024-06-18T11:33:23.000" + ], + [ + "jest", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "jmespath", + 0.0, + "2024-06-18T11:33:23.000" + ], + [ + "js-yaml", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "pipreqs", + 0.8493150685, + "2024-06-18T11:33:23.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "python-dateutil", + 2.6328767123, + "2024-06-18T11:33:23.000" + ], + [ + "requests", + 1.0219178082, + "2024-06-18T11:33:23.000" + ], + [ + "s3transfer", + 0.2493150685, + "2024-06-18T11:33:23.000" + ], + [ + "six", + 0.0, + "2024-06-18T11:33:23.000" + ], + [ + "ts-jest", + 0.0, + "2025-03-01T19:07:01.000" + ], + [ + "typescript", + -0.002739726, + "2025-03-01T19:07:01.000" + ], + [ + "urllib3", + 0.6657534247, + "2024-06-18T11:33:23.000" + ], + [ + "yarg", + 0.0, + "2024-06-18T11:33:23.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/ab2d-contracts/ab2d-contracts_data.json b/app/site/_data/CMSgov/ab2d-contracts/ab2d-contracts_data.json index 96b4840e9a..a52b8bb3f0 100644 --- a/app/site/_data/CMSgov/ab2d-contracts/ab2d-contracts_data.json +++ b/app/site/_data/CMSgov/ab2d-contracts/ab2d-contracts_data.json @@ -1,432 +1,432 @@ { - "url": "https://github.com/CMSgov/ab2d-contracts", - "owner": "CMSgov", - "name": "ab2d-contracts", - "description": null, - "commits_count": 86, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 114, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 31, - "closed_pull_requests_count": 83, - "forks_count": 1, - "stargazers_count": 3, - "watchers_count": 7, - "total_project_lines": 3310, - "average_project_lines": 43, - "total_project_comment_lines": 160, - "average_project_comment_lines": 2, - "total_project_blank_lines": 571, - "average_blank_lines": 7, - "commits_by_month": { - "2025/2": 7, - "2024/11": 1, - "2024/9": 1, - "2024/8": 1, - "2024/7": 1, - "2024/6": 2, - "2024/5": 1, - "2023/9": 1, - "2023/8": 1, - "2023/7": 1, - "2023/6": 1, - "2023/5": 8, - "2023/4": 1, - "2023/3": 3 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-18T06:00:00.000Z", - 1 - ], - [ - "2025-02-26T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-contracts", + "owner": "CMSgov", + "name": "ab2d-contracts", + "description": null, + "commits_count": 86, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 114, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 31, + "closed_pull_requests_count": 83, + "forks_count": 1, + "stargazers_count": 3, + "watchers_count": 7, + "total_project_lines": 3310, + "average_project_lines": 43, + "total_project_comment_lines": 160, + "average_project_comment_lines": 2, + "total_project_blank_lines": 571, + "average_blank_lines": 7, + "commits_by_month": { + "2025/2": 7, + "2024/11": 1, + "2024/9": 1, + "2024/8": 1, + "2024/7": 1, + "2024/6": 2, + "2024/5": 1, + "2023/9": 1, + "2023/8": 1, + "2023/7": 1, + "2023/6": 1, + "2023/5": 8, + "2023/4": 1, + "2023/3": 3 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-18T06:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-11-25T06:00:00.000Z", - 1 - ], - [ - "2025-02-18T06:00:00.000Z", - 1 - ] + [ + "2025-02-26T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-28T17:22:35Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:10Z", - "repo": { - "name": "github.com/CMSgov/ab2d-contracts", - "commit": "ee51196b3915292a225526e22b784a62270fafc5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "1 out of 18 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 17/18 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 1, - "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 5, - "reason": "dependency not pinned by hash detected -- score normalized to 5", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 86863, - "CodeBytes": 0, - "Lines": 2368, - "Code": 1877, - "Comment": 87, - "Blank": 404, - "Complexity": 69, - "Count": 50, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 8583, - "CodeBytes": 0, - "Lines": 281, - "Code": 233, - "Comment": 13, - "Blank": 35, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 3566, - "CodeBytes": 0, - "Lines": 85, - "Code": 54, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 2361, - "CodeBytes": 0, - "Lines": 43, - "Code": 38, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 9509, - "CodeBytes": 0, - "Lines": 260, - "Code": 186, - "Comment": 24, - "Blank": 50, - "Complexity": 18, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 4918, - "CodeBytes": 0, - "Lines": 110, - "Code": 88, - "Comment": 11, - "Blank": 11, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 4998, - "CodeBytes": 0, - "Lines": 118, - "Code": 63, - "Comment": 26, - "Blank": 29, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 1107, - "CodeBytes": 0, - "Lines": 27, - "Code": 25, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 283, - "CodeBytes": 0, - "Lines": 10, - "Code": 8, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 66617.08773246313, - "estimatedScheduleMonths_low": 5.088495163136622, - "estimatedPeople_low": 1.2753981565351278, - "estimatedCost_high": 207607.94070282936, - "estimatedScheduleMonths_high": 5.088495163136622, - "estimatedPeople_high": 1.2753981565351278, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 50 2368 404 87 1877 69\n(ULOC) 1162\n-------------------------------------------------------------------------------\nYAML 8 281 35 13 233 0\n(ULOC) 178\n-------------------------------------------------------------------------------\nMarkdown 3 85 31 0 54 0\n(ULOC) 53\n-------------------------------------------------------------------------------\nSQL 3 43 5 0 38 0\n(ULOC) 38\n-------------------------------------------------------------------------------\nShell 3 260 50 24 186 18\n(ULOC) 141\n-------------------------------------------------------------------------------\nGradle 2 110 11 11 88 0\n(ULOC) 91\n-------------------------------------------------------------------------------\nProperties File 2 118 29 26 63 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nXML 2 27 2 0 25 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nDockerfile 1 10 2 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 75 3311 571 161 2579 87\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1756\nDRYness % 0.53\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $73,049\nEstimated Schedule Effort (organic) 5.09 months\nEstimated People Required (organic) 1.28\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 122570 bytes, 0.123 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-11-25T06:00:00.000Z", + 1 + ], + [ + "2025-02-18T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-28T17:22:35Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:10Z", + "repo": { + "name": "github.com/CMSgov/ab2d-contracts", + "commit": "ee51196b3915292a225526e22b784a62270fafc5" }, - "predominant_langs": { - "Java": 86476, - "Shell": 9509, - "Dockerfile": 283 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "1 out of 18 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 17/18 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 1, + "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 5, + "reason": "dependency not pinned by hash detected -- score normalized to 5", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 86476, + "CodeBytes": 0, + "Lines": 2359, + "Code": 1868, + "Comment": 87, + "Blank": 404, + "Complexity": 69, + "Count": 51, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 8679, + "CodeBytes": 0, + "Lines": 283, + "Code": 235, + "Comment": 13, + "Blank": 35, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 2682, + "CodeBytes": 0, + "Lines": 47, + "Code": 42, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 3566, + "CodeBytes": 0, + "Lines": 85, + "Code": 54, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 9509, + "CodeBytes": 0, + "Lines": 260, + "Code": 186, + "Comment": 24, + "Blank": 50, + "Complexity": 18, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 5078, + "CodeBytes": 0, + "Lines": 112, + "Code": 91, + "Comment": 10, + "Blank": 11, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 4998, + "CodeBytes": 0, + "Lines": 118, + "Code": 63, + "Comment": 26, + "Blank": 29, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 1107, + "CodeBytes": 0, + "Lines": 27, + "Code": 25, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 283, + "CodeBytes": 0, + "Lines": 10, + "Code": 8, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 66617.08773246313, + "estimatedScheduleMonths_low": 5.088495163136622, + "estimatedPeople_low": 1.2753981565351278, + "estimatedCost_high": 207607.94070282936, + "estimatedScheduleMonths_high": 5.088495163136622, + "estimatedPeople_high": 1.2753981565351278, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 51 2359 404 87 1868 69\n(ULOC) 1154\n-------------------------------------------------------------------------------\nYAML 8 283 35 13 235 0\n(ULOC) 178\n-------------------------------------------------------------------------------\nSQL 4 47 5 0 42 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nMarkdown 3 85 31 0 54 0\n(ULOC) 53\n-------------------------------------------------------------------------------\nShell 3 260 50 24 186 18\n(ULOC) 141\n-------------------------------------------------------------------------------\nGradle 2 112 11 10 91 0\n(ULOC) 92\n-------------------------------------------------------------------------------\nProperties File 2 118 29 26 63 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nXML 2 27 2 0 25 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nDockerfile 1 10 2 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 77 3310 571 160 2579 87\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1753\nDRYness % 0.53\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $73,049\nEstimated Schedule Effort (organic) 5.09 months\nEstimated People Required (organic) 1.28\n───────────────────────────────────────────────────────────────────────────────\nProcessed 122760 bytes, 0.123 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 86476, + "Shell": 9509, + "Dockerfile": 283 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-events/ab2d-events_data.json b/app/site/_data/CMSgov/ab2d-events/ab2d-events_data.json index 149bfc205d..6a59e610e9 100644 --- a/app/site/_data/CMSgov/ab2d-events/ab2d-events_data.json +++ b/app/site/_data/CMSgov/ab2d-events/ab2d-events_data.json @@ -1,429 +1,429 @@ { - "url": "https://github.com/CMSgov/ab2d-events", - "owner": "CMSgov", - "name": "ab2d-events", - "description": null, - "commits_count": 216, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 199, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 50, - "closed_pull_requests_count": 148, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 7, - "total_project_lines": 4374, - "average_project_lines": 69, - "total_project_comment_lines": 240, - "average_project_comment_lines": 4, - "total_project_blank_lines": 706, - "average_blank_lines": 11, - "commits_by_month": { - "2025/2": 1, - "2024/12": 1, - "2024/11": 1, - "2024/9": 1, - "2024/8": 4, - "2024/6": 2, - "2024/5": 2, - "2024/4": 1, - "2024/3": 1, - "2023/9": 1, - "2023/8": 1, - "2023/7": 1, - "2023/6": 3, - "2023/5": 9, - "2023/4": 1 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-26T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-events", + "owner": "CMSgov", + "name": "ab2d-events", + "description": null, + "commits_count": 216, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 199, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 50, + "closed_pull_requests_count": 148, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 7, + "total_project_lines": 4374, + "average_project_lines": 69, + "total_project_comment_lines": 240, + "average_project_comment_lines": 4, + "total_project_blank_lines": 706, + "average_blank_lines": 11, + "commits_by_month": { + "2025/2": 1, + "2024/12": 1, + "2024/11": 1, + "2024/9": 1, + "2024/8": 4, + "2024/6": 2, + "2024/5": 2, + "2024/4": 1, + "2024/3": 1, + "2023/9": 1, + "2023/8": 1, + "2023/7": 1, + "2023/6": 3, + "2023/5": 9, + "2023/4": 1 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-26T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-11-25T06:00:00.000Z", - 1 - ], - [ - "2024-12-12T06:00:00.000Z", - 1 - ] + [ + "2024-11-25T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-28T17:24:10Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:02Z", - "repo": { - "name": "github.com/CMSgov/ab2d-events", - "commit": "6d46af5532949e567ee00d4f283f4f2a411f65c5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 5, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 4, - "reason": "10 out of 23 merged PRs checked by a CI test -- score normalized to 4", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 1, - "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 127575, - "CodeBytes": 0, - "Lines": 3125, - "Code": 2512, - "Comment": 114, - "Blank": 499, - "Complexity": 111, - "Count": 36, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 10989, - "CodeBytes": 0, - "Lines": 379, - "Code": 316, - "Comment": 12, - "Blank": 51, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 10687, - "CodeBytes": 0, - "Lines": 297, - "Code": 202, - "Comment": 34, - "Blank": 61, - "Complexity": 18, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4088, - "CodeBytes": 0, - "Lines": 92, - "Code": 63, - "Comment": 0, - "Blank": 29, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 7733, - "CodeBytes": 0, - "Lines": 140, - "Code": 126, - "Comment": 0, - "Blank": 14, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 4777, - "CodeBytes": 0, - "Lines": 104, - "Code": 85, - "Comment": 10, - "Blank": 9, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 2071, - "CodeBytes": 0, - "Lines": 60, - "Code": 41, - "Comment": 3, - "Blank": 16, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 197, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 6159, - "CodeBytes": 0, - "Lines": 159, - "Code": 71, - "Comment": 67, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 89871.20395322963, - "estimatedScheduleMonths_low": 5.70167730893516, - "estimatedPeople_low": 1.535562272564331, - "estimatedCost_high": 280077.92319209676, - "estimatedScheduleMonths_high": 5.70167730893516, - "estimatedPeople_high": 1.535562272564331, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 36 3125 499 114 2512 111\n(ULOC) 1450\n-------------------------------------------------------------------------------\nYAML 9 379 51 12 316 0\n(ULOC) 148\n-------------------------------------------------------------------------------\nShell 5 297 61 34 202 18\n(ULOC) 149\n-------------------------------------------------------------------------------\nMarkdown 3 92 29 0 63 0\n(ULOC) 61\n-------------------------------------------------------------------------------\nSQL 3 140 14 0 126 0\n(ULOC) 85\n-------------------------------------------------------------------------------\nGradle 2 104 9 10 85 0\n(ULOC) 89\n-------------------------------------------------------------------------------\nProperties File 2 60 16 3 41 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nDockerfile 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nXML 1 159 21 67 71 0\n(ULOC) 124\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 63 4374 704 240 3430 129\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2144\nDRYness % 0.49\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $98,549\nEstimated Schedule Effort (organic) 5.70 months\nEstimated People Required (organic) 1.54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 174658 bytes, 0.175 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-12-12T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-28T17:24:10Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:02Z", + "repo": { + "name": "github.com/CMSgov/ab2d-events", + "commit": "6d46af5532949e567ee00d4f283f4f2a411f65c5" }, - "predominant_langs": { - "Java": 127463, - "Shell": 10687, - "Dockerfile": 197 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 5, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 4, + "reason": "10 out of 23 merged PRs checked by a CI test -- score normalized to 4", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 1, + "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 127463, + "CodeBytes": 0, + "Lines": 3126, + "Code": 2511, + "Comment": 114, + "Blank": 501, + "Complexity": 111, + "Count": 36, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 10989, + "CodeBytes": 0, + "Lines": 379, + "Code": 316, + "Comment": 12, + "Blank": 51, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 10687, + "CodeBytes": 0, + "Lines": 297, + "Code": 202, + "Comment": 34, + "Blank": 61, + "Complexity": 18, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4088, + "CodeBytes": 0, + "Lines": 92, + "Code": 63, + "Comment": 0, + "Blank": 29, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 7733, + "CodeBytes": 0, + "Lines": 140, + "Code": 126, + "Comment": 0, + "Blank": 14, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 4757, + "CodeBytes": 0, + "Lines": 103, + "Code": 84, + "Comment": 10, + "Blank": 9, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 2071, + "CodeBytes": 0, + "Lines": 60, + "Code": 41, + "Comment": 3, + "Blank": 16, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 197, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 6159, + "CodeBytes": 0, + "Lines": 159, + "Code": 71, + "Comment": 67, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 89816.18156937123, + "estimatedScheduleMonths_low": 5.700350563752995, + "estimatedPeople_low": 1.5349793263369944, + "estimatedCost_high": 279906.4494127073, + "estimatedScheduleMonths_high": 5.700350563752995, + "estimatedPeople_high": 1.5349793263369944, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 36 3126 501 114 2511 111\n(ULOC) 1446\n-------------------------------------------------------------------------------\nYAML 9 379 51 12 316 0\n(ULOC) 148\n-------------------------------------------------------------------------------\nShell 5 297 61 34 202 18\n(ULOC) 149\n-------------------------------------------------------------------------------\nMarkdown 3 92 29 0 63 0\n(ULOC) 61\n-------------------------------------------------------------------------------\nSQL 3 140 14 0 126 0\n(ULOC) 85\n-------------------------------------------------------------------------------\nGradle 2 103 9 10 84 0\n(ULOC) 88\n-------------------------------------------------------------------------------\nProperties File 2 60 16 3 41 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nDockerfile 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nXML 1 159 21 67 71 0\n(ULOC) 124\n───────────────────────────────────────────────────────────────────────────────\nTotal 63 4374 706 240 3428 129\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2139\nDRYness % 0.49\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $98,489\nEstimated Schedule Effort (organic) 5.70 months\nEstimated People Required (organic) 1.53\n───────────────────────────────────────────────────────────────────────────────\nProcessed 174526 bytes, 0.175 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 127463, + "Shell": 10687, + "Dockerfile": 197 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-gradle/ab2d-gradle_data.json b/app/site/_data/CMSgov/ab2d-gradle/ab2d-gradle_data.json index 0e7dd24440..0ae5e0d70c 100644 --- a/app/site/_data/CMSgov/ab2d-gradle/ab2d-gradle_data.json +++ b/app/site/_data/CMSgov/ab2d-gradle/ab2d-gradle_data.json @@ -1,315 +1,315 @@ { - "url": "https://github.com/CMSgov/ab2d-gradle", - "owner": "CMSgov", - "name": "ab2d-gradle", - "description": null, - "commits_count": 22, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 14, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 5, - "closed_pull_requests_count": 9, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 8, - "total_project_lines": 421, - "average_project_lines": 60, - "total_project_comment_lines": 12, - "average_project_comment_lines": 2, - "total_project_blank_lines": 74, - "average_blank_lines": 11, - "commits_by_month": { - "2024/6": 2, - "2023/8": 2, - "2023/7": 1, - "2023/6": 1, - "2023/5": 4, - "2023/3": 2, - "2023/1": 3, - "2022/12": 1, - "2022/11": 1, - "2022/5": 3, - "2022/3": 2 + "url": "https://github.com/CMSgov/ab2d-gradle", + "owner": "CMSgov", + "name": "ab2d-gradle", + "description": null, + "commits_count": 22, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 14, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 5, + "closed_pull_requests_count": 9, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 8, + "total_project_lines": 421, + "average_project_lines": 60, + "total_project_comment_lines": 12, + "average_project_comment_lines": 2, + "total_project_blank_lines": 74, + "average_blank_lines": 11, + "commits_by_month": { + "2024/6": 2, + "2023/8": 2, + "2023/7": 1, + "2023/6": 1, + "2023/5": 4, + "2023/3": 2, + "2023/1": 3, + "2022/12": 1, + "2022/11": 1, + "2022/5": 3, + "2022/3": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-28T17:16:56Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:37Z", + "repo": { + "name": "github.com/CMSgov/ab2d-gradle", + "commit": "3831db3c51de8537fd3968f0a7fcd0bc8fde5838" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-28T17:16:56Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:37Z", - "repo": { - "name": "github.com/CMSgov/ab2d-gradle", - "commit": "3831db3c51de8537fd3968f0a7fcd0bc8fde5838" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 5 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 3, - "reason": "Found 5/15 approved changesets -- score normalized to 3", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 3300, - "CodeBytes": 0, - "Lines": 69, - "Code": 54, - "Comment": 0, - "Blank": 15, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 2188, - "CodeBytes": 0, - "Lines": 83, - "Code": 71, - "Comment": 2, - "Blank": 10, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Groovy", - "Bytes": 9576, - "CodeBytes": 0, - "Lines": 251, - "Code": 198, - "Comment": 6, - "Blank": 47, - "Complexity": 22, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 704, - "CodeBytes": 0, - "Lines": 18, - "Code": 12, - "Comment": 4, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 7813.736850827548, - "estimatedScheduleMonths_low": 2.253788499827446, - "estimatedPeople_low": 0.3377498233661987, - "estimatedCost_high": 24351.01671374337, - "estimatedScheduleMonths_high": 2.253788499827446, - "estimatedPeople_high": 0.3377498233661987, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 3 69 15 0 54 0\n(ULOC) 49\n-------------------------------------------------------------------------------\nGradle 2 83 10 2 71 0\n(ULOC) 57\n-------------------------------------------------------------------------------\nGroovy 1 251 47 6 198 22\n(ULOC) 162\n-------------------------------------------------------------------------------\nYAML 1 18 2 4 12 0\n(ULOC) 14\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 7 421 74 12 335 22\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 267\nDRYness % 0.63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $8,568\nEstimated Schedule Effort (organic) 2.25 months\nEstimated People Required (organic) 0.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 15768 bytes, 0.016 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Groovy": 9576 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 5 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 3, + "reason": "Found 5/15 approved changesets -- score normalized to 3", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 3300, + "CodeBytes": 0, + "Lines": 69, + "Code": 54, + "Comment": 0, + "Blank": 15, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 2188, + "CodeBytes": 0, + "Lines": 83, + "Code": 71, + "Comment": 2, + "Blank": 10, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Groovy", + "Bytes": 9576, + "CodeBytes": 0, + "Lines": 251, + "Code": 198, + "Comment": 6, + "Blank": 47, + "Complexity": 22, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 704, + "CodeBytes": 0, + "Lines": 18, + "Code": 12, + "Comment": 4, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 7813.736850827548, + "estimatedScheduleMonths_low": 2.253788499827446, + "estimatedPeople_low": 0.3377498233661987, + "estimatedCost_high": 24351.01671374337, + "estimatedScheduleMonths_high": 2.253788499827446, + "estimatedPeople_high": 0.3377498233661987, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 3 69 15 0 54 0\n(ULOC) 49\n-------------------------------------------------------------------------------\nGradle 2 83 10 2 71 0\n(ULOC) 57\n-------------------------------------------------------------------------------\nGroovy 1 251 47 6 198 22\n(ULOC) 162\n-------------------------------------------------------------------------------\nYAML 1 18 2 4 12 0\n(ULOC) 14\n───────────────────────────────────────────────────────────────────────────────\nTotal 7 421 74 12 335 22\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 267\nDRYness % 0.63\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,568\nEstimated Schedule Effort (organic) 2.25 months\nEstimated People Required (organic) 0.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 15768 bytes, 0.016 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Groovy": 9576 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-lambdas/ab2d-lambdas_data.json b/app/site/_data/CMSgov/ab2d-lambdas/ab2d-lambdas_data.json index ad27baf531..7576933eee 100644 --- a/app/site/_data/CMSgov/ab2d-lambdas/ab2d-lambdas_data.json +++ b/app/site/_data/CMSgov/ab2d-lambdas/ab2d-lambdas_data.json @@ -1,466 +1,466 @@ { - "url": "https://github.com/CMSgov/ab2d-lambdas", - "owner": "CMSgov", - "name": "ab2d-lambdas", - "description": null, - "commits_count": 171, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 120, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 76, - "closed_pull_requests_count": 41, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 6326, - "average_project_lines": 45, - "total_project_comment_lines": 331, - "average_project_comment_lines": 2, - "total_project_blank_lines": 996, - "average_blank_lines": 7, - "commits_by_month": { - "2024/11": 4, - "2024/10": 1, - "2024/9": 1, - "2024/8": 1, - "2024/6": 5, - "2024/5": 2, - "2024/4": 4, - "2024/3": 12 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-10-07T05:00:00.000Z", - 1 - ], - [ - "2024-11-08T06:00:00.000Z", - 1 - ], - [ - "2024-11-15T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-lambdas", + "owner": "CMSgov", + "name": "ab2d-lambdas", + "description": null, + "commits_count": 171, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 120, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 76, + "closed_pull_requests_count": 41, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 6326, + "average_project_lines": 45, + "total_project_comment_lines": 331, + "average_project_comment_lines": 2, + "total_project_blank_lines": 996, + "average_blank_lines": 7, + "commits_by_month": { + "2024/11": 4, + "2024/10": 1, + "2024/9": 1, + "2024/8": 1, + "2024/6": 5, + "2024/5": 2, + "2024/4": 4, + "2024/3": 12 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-28T17:35:35Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:02Z", - "repo": { - "name": "github.com/CMSgov/ab2d-lambdas", - "commit": "6a799d2d1e85aedfb0465d232850a75ef90a5181" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 8, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 7, - "reason": "23 out of 30 merged PRs checked by a CI test -- score normalized to 7", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 11 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 140320, - "CodeBytes": 0, - "Lines": 3718, - "Code": 2989, - "Comment": 126, - "Blank": 603, - "Complexity": 99, - "Count": 61, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 1250, - "CodeBytes": 0, - "Lines": 29, - "Code": 27, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 14813, - "CodeBytes": 0, - "Lines": 455, - "Code": 410, - "Comment": 13, - "Blank": 32, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 26110, - "CodeBytes": 0, - "Lines": 866, - "Code": 684, - "Comment": 23, - "Blank": 159, - "Complexity": 0, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 9884, - "CodeBytes": 0, - "Lines": 227, - "Code": 153, - "Comment": 0, - "Blank": 74, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 9237, - "CodeBytes": 0, - "Lines": 254, - "Code": 164, - "Comment": 67, - "Blank": 23, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 12077, - "CodeBytes": 0, - "Lines": 359, - "Code": 274, - "Comment": 52, - "Blank": 33, - "Complexity": 7, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 8142, - "CodeBytes": 0, - "Lines": 266, - "Code": 177, - "Comment": 47, - "Blank": 42, - "Complexity": 24, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 946, - "CodeBytes": 0, - "Lines": 31, - "Code": 23, - "Comment": 3, - "Blank": 5, - "Complexity": 3, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 205, - "CodeBytes": 0, - "Lines": 11, - "Code": 11, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 2763, - "CodeBytes": 0, - "Lines": 89, - "Code": 68, - "Comment": 0, - "Blank": 21, - "Complexity": 18, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 790, - "CodeBytes": 0, - "Lines": 12, - "Code": 12, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 133471.64936832088, - "estimatedScheduleMonths_low": 6.626354283609346, - "estimatedPeople_low": 1.9622931292245935, - "estimatedCost_high": 415955.95380648796, - "estimatedScheduleMonths_high": 6.626354283609346, - "estimatedPeople_high": 1.9622931292245935, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 61 3718 603 126 2989 99\n(ULOC) 1890\n-------------------------------------------------------------------------------\nProperties File 15 29 2 0 27 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nYAML 14 455 32 13 410 0\n(ULOC) 184\n-------------------------------------------------------------------------------\nGradle 12 866 159 23 684 0\n(ULOC) 280\n-------------------------------------------------------------------------------\nMarkdown 11 227 74 0 153 0\n(ULOC) 132\n-------------------------------------------------------------------------------\nXML 8 254 23 67 164 0\n(ULOC) 146\n-------------------------------------------------------------------------------\nTerraform 6 359 33 52 274 7\n(ULOC) 208\n-------------------------------------------------------------------------------\nShell 5 266 42 47 177 24\n(ULOC) 188\n-------------------------------------------------------------------------------\nSQL 3 31 5 3 23 3\n(ULOC) 25\n-------------------------------------------------------------------------------\nPlain Text 2 11 0 0 11 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nBatch 1 89 21 0 68 18\n(ULOC) 56\n-------------------------------------------------------------------------------\nJSON 1 12 0 0 12 0\n(ULOC) 12\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 140 6326 996 331 4999 151\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3134\nDRYness % 0.50\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $146,360\nEstimated Schedule Effort (organic) 6.63 months\nEstimated People Required (organic) 1.96\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 226919 bytes, 0.227 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-10-07T05:00:00.000Z", + 1 + ], + [ + "2024-11-08T06:00:00.000Z", + 1 + ], + [ + "2024-11-15T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-28T17:35:35Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:02Z", + "repo": { + "name": "github.com/CMSgov/ab2d-lambdas", + "commit": "6a799d2d1e85aedfb0465d232850a75ef90a5181" }, - "predominant_langs": { - "Java": 140320, - "HCL": 12077, - "Shell": 2368 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.1, + "checks": [ + { + "details": null, + "score": 8, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 7, + "reason": "23 out of 30 merged PRs checked by a CI test -- score normalized to 7", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 11 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 140320, + "CodeBytes": 0, + "Lines": 3718, + "Code": 2989, + "Comment": 126, + "Blank": 603, + "Complexity": 99, + "Count": 61, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 1250, + "CodeBytes": 0, + "Lines": 29, + "Code": 27, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 14813, + "CodeBytes": 0, + "Lines": 455, + "Code": 410, + "Comment": 13, + "Blank": 32, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 26110, + "CodeBytes": 0, + "Lines": 866, + "Code": 684, + "Comment": 23, + "Blank": 159, + "Complexity": 0, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 9884, + "CodeBytes": 0, + "Lines": 227, + "Code": 153, + "Comment": 0, + "Blank": 74, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 9237, + "CodeBytes": 0, + "Lines": 254, + "Code": 164, + "Comment": 67, + "Blank": 23, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 12077, + "CodeBytes": 0, + "Lines": 359, + "Code": 274, + "Comment": 52, + "Blank": 33, + "Complexity": 7, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 8142, + "CodeBytes": 0, + "Lines": 266, + "Code": 177, + "Comment": 47, + "Blank": 42, + "Complexity": 24, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 946, + "CodeBytes": 0, + "Lines": 31, + "Code": 23, + "Comment": 3, + "Blank": 5, + "Complexity": 3, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 205, + "CodeBytes": 0, + "Lines": 11, + "Code": 11, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 2763, + "CodeBytes": 0, + "Lines": 89, + "Code": 68, + "Comment": 0, + "Blank": 21, + "Complexity": 18, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 790, + "CodeBytes": 0, + "Lines": 12, + "Code": 12, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 133471.64936832088, + "estimatedScheduleMonths_low": 6.626354283609346, + "estimatedPeople_low": 1.9622931292245935, + "estimatedCost_high": 415955.95380648796, + "estimatedScheduleMonths_high": 6.626354283609346, + "estimatedPeople_high": 1.9622931292245935, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 61 3718 603 126 2989 99\n(ULOC) 1890\n-------------------------------------------------------------------------------\nProperties File 15 29 2 0 27 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nYAML 14 455 32 13 410 0\n(ULOC) 184\n-------------------------------------------------------------------------------\nGradle 12 866 159 23 684 0\n(ULOC) 280\n-------------------------------------------------------------------------------\nMarkdown 11 227 74 0 153 0\n(ULOC) 132\n-------------------------------------------------------------------------------\nXML 8 254 23 67 164 0\n(ULOC) 146\n-------------------------------------------------------------------------------\nTerraform 6 359 33 52 274 7\n(ULOC) 208\n-------------------------------------------------------------------------------\nShell 5 266 42 47 177 24\n(ULOC) 188\n-------------------------------------------------------------------------------\nSQL 3 31 5 3 23 3\n(ULOC) 25\n-------------------------------------------------------------------------------\nPlain Text 2 11 0 0 11 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nBatch 1 89 21 0 68 18\n(ULOC) 56\n-------------------------------------------------------------------------------\nJSON 1 12 0 0 12 0\n(ULOC) 12\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 140 6326 996 331 4999 151\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3134\nDRYness % 0.50\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $146,360\nEstimated Schedule Effort (organic) 6.63 months\nEstimated People Required (organic) 1.96\n───────────────────────────────────────────────────────────────────────────────\nProcessed 226919 bytes, 0.227 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 140320, + "HCL": 12077, + "Shell": 2368 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-pdp-documentation/ab2d-pdp-documentation_data.json b/app/site/_data/CMSgov/ab2d-pdp-documentation/ab2d-pdp-documentation_data.json index d85834d6b9..1dbfd95017 100644 --- a/app/site/_data/CMSgov/ab2d-pdp-documentation/ab2d-pdp-documentation_data.json +++ b/app/site/_data/CMSgov/ab2d-pdp-documentation/ab2d-pdp-documentation_data.json @@ -1,308 +1,308 @@ { - "url": "https://github.com/CMSgov/ab2d-pdp-documentation", - "owner": "CMSgov", - "name": "ab2d-pdp-documentation", - "description": "AB2D API documentation for PDPs", - "commits_count": 35, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 30, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 21, - "closed_pull_requests_count": 6, - "forks_count": 1, - "stargazers_count": 3, - "watchers_count": 13, - "total_project_lines": 2934, - "average_project_lines": 293, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 543, - "average_blank_lines": 54, - "commits_by_month": { - "2024/10": 1, - "2024/6": 2, - "2024/5": 2, - "2023/5": 1, - "2023/3": 1, - "2022/11": 1, - "2022/8": 2, - "2022/7": 1, - "2022/5": 1, - "2022/2": 1, - "2021/11": 1, - "2021/3": 1, - "2021/2": 2, - "2020/12": 8, - "2021/1": 3, - "2020/11": 2 + "url": "https://github.com/CMSgov/ab2d-pdp-documentation", + "owner": "CMSgov", + "name": "ab2d-pdp-documentation", + "description": "AB2D API documentation for PDPs", + "commits_count": 35, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 30, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 21, + "closed_pull_requests_count": 6, + "forks_count": 1, + "stargazers_count": 3, + "watchers_count": 13, + "total_project_lines": 2934, + "average_project_lines": 293, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 543, + "average_blank_lines": 54, + "commits_by_month": { + "2024/10": 1, + "2024/6": 2, + "2024/5": 2, + "2023/5": 1, + "2023/3": 1, + "2022/11": 1, + "2022/8": 2, + "2022/7": 1, + "2022/5": 1, + "2022/2": 1, + "2021/11": 1, + "2021/3": 1, + "2021/2": 2, + "2020/12": 8, + "2021/1": 3, + "2020/11": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-22T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-11-19T20:51:19Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:29Z", + "repo": { + "name": "github.com/CMSgov/ab2d-pdp-documentation", + "commit": "5d7ea426ee96f77d86c20714fa4b504741439126" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-22T05:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-11-19T20:51:19Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:29Z", - "repo": { - "name": "github.com/CMSgov/ab2d-pdp-documentation", - "commit": "5d7ea426ee96f77d86c20714fa4b504741439126" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "4 out of 21 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 8, - "reason": "Found 20/25 approved changesets -- score normalized to 8", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 107523, - "CodeBytes": 0, - "Lines": 2790, - "Code": 2261, - "Comment": 0, - "Blank": 529, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 770, - "CodeBytes": 0, - "Lines": 23, - "Code": 21, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 61527.64443673379, - "estimatedScheduleMonths_low": 4.937118274627151, - "estimatedPeople_low": 1.2140770936887586, - "estimatedCost_high": 191747.0125548807, - "estimatedScheduleMonths_high": 4.937118274627151, - "estimatedPeople_high": 1.2140770936887586, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 8 2790 529 0 2261 0\n(ULOC) 1017\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 23 2 0 21 0\n(ULOC) 20\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 2934 543 0 2391 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1145\nDRYness % 0.39\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $67,468\nEstimated Schedule Effort (organic) 4.94 months\nEstimated People Required (organic) 1.21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 115341 bytes, 0.115 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "4 out of 21 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 8, + "reason": "Found 20/25 approved changesets -- score normalized to 8", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 107523, + "CodeBytes": 0, + "Lines": 2790, + "Code": 2261, + "Comment": 0, + "Blank": 529, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 770, + "CodeBytes": 0, + "Lines": 23, + "Code": 21, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 61527.64443673379, + "estimatedScheduleMonths_low": 4.937118274627151, + "estimatedPeople_low": 1.2140770936887586, + "estimatedCost_high": 191747.0125548807, + "estimatedScheduleMonths_high": 4.937118274627151, + "estimatedPeople_high": 1.2140770936887586, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 8 2790 529 0 2261 0\n(ULOC) 1017\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 23 2 0 21 0\n(ULOC) 20\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 2934 543 0 2391 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1145\nDRYness % 0.39\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $67,468\nEstimated Schedule Effort (organic) 4.94 months\nEstimated People Required (organic) 1.21\n───────────────────────────────────────────────────────────────────────────────\nProcessed 115341 bytes, 0.115 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-properties/ab2d-properties_data.json b/app/site/_data/CMSgov/ab2d-properties/ab2d-properties_data.json index 10093fc67b..7a49f11395 100644 --- a/app/site/_data/CMSgov/ab2d-properties/ab2d-properties_data.json +++ b/app/site/_data/CMSgov/ab2d-properties/ab2d-properties_data.json @@ -1,453 +1,453 @@ { - "url": "https://github.com/CMSgov/ab2d-properties", - "owner": "CMSgov", - "name": "ab2d-properties", - "description": null, - "commits_count": 82, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 131, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 48, - "closed_pull_requests_count": 83, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 7, - "total_project_lines": 1829, - "average_project_lines": 49, - "total_project_comment_lines": 258, - "average_project_comment_lines": 7, - "total_project_blank_lines": 281, - "average_blank_lines": 8, - "commits_by_month": { - "2025/2": 11, - "2024/11": 1, - "2024/9": 1, - "2024/8": 1, - "2024/7": 1, - "2024/6": 1, - "2024/4": 1, - "2024/2": 1, - "2024/1": 1, - "2023/12": 1, - "2023/10": 1, - "2023/9": 2, - "2023/8": 1, - "2023/7": 1, - "2023/6": 1, - "2023/5": 4 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-21T06:00:00.000Z", - 1 - ], - [ - "2025-02-26T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-properties", + "owner": "CMSgov", + "name": "ab2d-properties", + "description": null, + "commits_count": 82, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 131, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 48, + "closed_pull_requests_count": 83, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 7, + "total_project_lines": 1829, + "average_project_lines": 49, + "total_project_comment_lines": 258, + "average_project_comment_lines": 7, + "total_project_blank_lines": 281, + "average_blank_lines": 8, + "commits_by_month": { + "2025/2": 11, + "2024/11": 1, + "2024/9": 1, + "2024/8": 1, + "2024/7": 1, + "2024/6": 1, + "2024/4": 1, + "2024/2": 1, + "2024/1": 1, + "2023/12": 1, + "2023/10": 1, + "2023/9": 2, + "2023/8": 1, + "2023/7": 1, + "2023/6": 1, + "2023/5": 4 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-21T06:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-11-25T06:00:00.000Z", - 1 - ], - [ - "2025-02-21T06:00:00.000Z", - 1 - ], - [ - "2025-02-26T06:00:00.000Z", - 1 - ] + [ + "2025-02-26T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-28T17:40:14Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:00Z", - "repo": { - "name": "github.com/CMSgov/ab2d-properties", - "commit": "716d8bcc5d948b45e970d75546574a208568edcd" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "1 out of 21 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 1, - "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 5, - "reason": "dependency not pinned by hash detected -- score normalized to 5", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 20676, - "CodeBytes": 0, - "Lines": 600, - "Code": 478, - "Comment": 37, - "Blank": 85, - "Complexity": 14, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 11889, - "CodeBytes": 0, - "Lines": 375, - "Code": 329, - "Comment": 10, - "Blank": 36, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 3427, - "CodeBytes": 0, - "Lines": 75, - "Code": 55, - "Comment": 3, - "Blank": 17, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 17584, - "CodeBytes": 0, - "Lines": 494, - "Code": 284, - "Comment": 133, - "Blank": 77, - "Complexity": 30, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4508, - "CodeBytes": 0, - "Lines": 105, - "Code": 66, - "Comment": 0, - "Blank": 39, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 4288, - "CodeBytes": 0, - "Lines": 101, - "Code": 83, - "Comment": 9, - "Blank": 9, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 658, - "CodeBytes": 0, - "Lines": 17, - "Code": 13, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 2674, - "CodeBytes": 0, - "Lines": 89, - "Code": 68, - "Comment": 0, - "Blank": 21, - "Complexity": 18, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 384, - "CodeBytes": 0, - "Lines": 11, - "Code": 8, - "Comment": 1, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 6159, - "CodeBytes": 0, - "Lines": 159, - "Code": 71, - "Comment": 67, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 36707.64093840781, - "estimatedScheduleMonths_low": 4.05727347947305, - "estimatedPeople_low": 0.8813972695008662, - "estimatedCost_high": 114397.04140005556, - "estimatedScheduleMonths_high": 4.05727347947305, - "estimatedPeople_high": 0.8813972695008662, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 13 600 85 37 478 14\n(ULOC) 309\n-------------------------------------------------------------------------------\nYAML 9 375 36 10 329 0\n(ULOC) 222\n-------------------------------------------------------------------------------\nSQL 4 75 17 3 55 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nShell 4 494 77 133 284 30\n(ULOC) 312\n-------------------------------------------------------------------------------\nMarkdown 3 105 39 0 66 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nGradle 2 101 9 9 83 0\n(ULOC) 85\n-------------------------------------------------------------------------------\nProperties File 2 17 4 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nBatch 1 89 21 0 68 18\n(ULOC) 56\n-------------------------------------------------------------------------------\nDockerfile 1 11 2 1 8 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nXML 1 159 21 67 71 0\n(ULOC) 124\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 41 2035 313 260 1462 62\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1231\nDRYness % 0.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $40,252\nEstimated Schedule Effort (organic) 4.06 months\nEstimated People Required (organic) 0.88\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 72629 bytes, 0.073 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-11-25T06:00:00.000Z", + 1 + ], + [ + "2025-02-21T06:00:00.000Z", + 1 + ], + [ + "2025-02-26T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-28T17:40:14Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:00Z", + "repo": { + "name": "github.com/CMSgov/ab2d-properties", + "commit": "716d8bcc5d948b45e970d75546574a208568edcd" }, - "predominant_langs": { - "Java": 20690, - "Shell": 9514, - "Dockerfile": 384 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "1 out of 21 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 1, + "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 5, + "reason": "dependency not pinned by hash detected -- score normalized to 5", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 20690, + "CodeBytes": 0, + "Lines": 600, + "Code": 478, + "Comment": 37, + "Blank": 85, + "Complexity": 14, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 12083, + "CodeBytes": 0, + "Lines": 380, + "Code": 333, + "Comment": 10, + "Blank": 37, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 3427, + "CodeBytes": 0, + "Lines": 75, + "Code": 55, + "Comment": 3, + "Blank": 17, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 17584, + "CodeBytes": 0, + "Lines": 494, + "Code": 284, + "Comment": 133, + "Blank": 77, + "Complexity": 30, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4508, + "CodeBytes": 0, + "Lines": 105, + "Code": 66, + "Comment": 0, + "Blank": 39, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 4160, + "CodeBytes": 0, + "Lines": 102, + "Code": 83, + "Comment": 9, + "Blank": 10, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 658, + "CodeBytes": 0, + "Lines": 17, + "Code": 13, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 2674, + "CodeBytes": 0, + "Lines": 89, + "Code": 68, + "Comment": 0, + "Blank": 21, + "Complexity": 18, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 384, + "CodeBytes": 0, + "Lines": 11, + "Code": 8, + "Comment": 1, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 6159, + "CodeBytes": 0, + "Lines": 159, + "Code": 71, + "Comment": 67, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 36813.10101235024, + "estimatedScheduleMonths_low": 4.061698987271765, + "estimatedPeople_low": 0.8829663967665177, + "estimatedCost_high": 114725.70105064682, + "estimatedScheduleMonths_high": 4.061698987271765, + "estimatedPeople_high": 0.8829663967665177, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 13 600 85 37 478 14\n(ULOC) 309\n-------------------------------------------------------------------------------\nYAML 9 380 37 10 333 0\n(ULOC) 223\n-------------------------------------------------------------------------------\nSQL 4 75 17 3 55 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nShell 4 494 77 133 284 30\n(ULOC) 312\n-------------------------------------------------------------------------------\nMarkdown 3 105 39 0 66 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nGradle 2 102 10 9 83 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nProperties File 2 17 4 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nBatch 1 89 21 0 68 18\n(ULOC) 56\n-------------------------------------------------------------------------------\nDockerfile 1 11 2 1 8 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nXML 1 159 21 67 71 0\n(ULOC) 124\n───────────────────────────────────────────────────────────────────────────────\nTotal 41 2041 315 260 1466 62\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1230\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $40,367\nEstimated Schedule Effort (organic) 4.06 months\nEstimated People Required (organic) 0.88\n───────────────────────────────────────────────────────────────────────────────\nProcessed 72709 bytes, 0.073 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 20690, + "Shell": 9514, + "Dockerfile": 384 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-sample-client-bash/ab2d-sample-client-bash_data.json b/app/site/_data/CMSgov/ab2d-sample-client-bash/ab2d-sample-client-bash_data.json index f4b8beaf65..91bf8ce127 100644 --- a/app/site/_data/CMSgov/ab2d-sample-client-bash/ab2d-sample-client-bash_data.json +++ b/app/site/_data/CMSgov/ab2d-sample-client-bash/ab2d-sample-client-bash_data.json @@ -1,342 +1,342 @@ { - "url": "https://github.com/CMSgov/ab2d-sample-client-bash", - "owner": "CMSgov", - "name": "ab2d-sample-client-bash", - "description": null, - "commits_count": 57, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 19, - "open_pull_requests_count": 4, - "merged_pull_requests_count": 14, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 18, - "total_project_lines": 861, - "average_project_lines": 66, - "total_project_comment_lines": 27, - "average_project_comment_lines": 2, - "total_project_blank_lines": 170, - "average_blank_lines": 13, - "commits_by_month": { - "2025/2": 11, - "2024/10": 1, - "2024/9": 1, - "2024/8": 1, - "2024/7": 6, - "2024/6": 2, - "2023/10": 6, - "2023/5": 2 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-10T06:00:00.000Z", - 1 - ], - [ - "2025-02-12T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-sample-client-bash", + "owner": "CMSgov", + "name": "ab2d-sample-client-bash", + "description": null, + "commits_count": 57, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 19, + "open_pull_requests_count": 4, + "merged_pull_requests_count": 14, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 18, + "total_project_lines": 861, + "average_project_lines": 66, + "total_project_comment_lines": 27, + "average_project_comment_lines": 2, + "total_project_blank_lines": 170, + "average_blank_lines": 13, + "commits_by_month": { + "2025/2": 11, + "2024/10": 1, + "2024/9": 1, + "2024/8": 1, + "2024/7": 6, + "2024/6": 2, + "2023/10": 6, + "2023/5": 2 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-07T06:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-21T05:00:00.000Z", - 1 - ], - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-10T06:00:00.000Z", - 1 - ], - [ - "2025-02-12T06:00:00.000Z", - 1 - ] + [ + "2025-02-10T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-11-03T16:41:07Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:37Z", - "repo": { - "name": "github.com/CMSgov/ab2d-sample-client-bash", - "commit": "0b52e423b75b2231b734eac79a378837377b7a2e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 6, - "reason": "4 out of 6 merged PRs checked by a CI test -- score normalized to 6", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 9, - "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Shell", - "Bytes": 12452, - "CodeBytes": 0, - "Lines": 467, - "Code": 356, - "Comment": 27, - "Blank": 84, - "Complexity": 83, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 12020, - "CodeBytes": 0, - "Lines": 250, - "Code": 178, - "Comment": 0, - "Blank": 72, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 770, - "CodeBytes": 0, - "Lines": 23, - "Code": 21, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 16026.482624098257, - "estimatedScheduleMonths_low": 2.961183659578059, - "estimatedPeople_low": 0.5272570322966568, - "estimatedCost_high": 49945.51949885567, - "estimatedScheduleMonths_high": 2.961183659578059, - "estimatedPeople_high": 0.5272570322966568, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nShell 8 467 84 27 356 83\n(ULOC) 253\n-------------------------------------------------------------------------------\nMarkdown 3 250 72 0 178 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 23 2 0 21 0\n(ULOC) 20\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 13 861 170 27 664 83\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 511\nDRYness % 0.59\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $17,574\nEstimated Schedule Effort (organic) 2.96 months\nEstimated People Required (organic) 0.53\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 32290 bytes, 0.032 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2025-02-12T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-21T05:00:00.000Z", + 1 + ], + [ + "2025-02-07T06:00:00.000Z", + 1 + ], + [ + "2025-02-10T06:00:00.000Z", + 1 + ], + [ + "2025-02-12T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-11-03T16:41:07Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:37Z", + "repo": { + "name": "github.com/CMSgov/ab2d-sample-client-bash", + "commit": "0b52e423b75b2231b734eac79a378837377b7a2e" }, - "predominant_langs": { - "Shell": 12452 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 6, + "reason": "4 out of 6 merged PRs checked by a CI test -- score normalized to 6", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 9, + "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Shell", + "Bytes": 12452, + "CodeBytes": 0, + "Lines": 467, + "Code": 356, + "Comment": 27, + "Blank": 84, + "Complexity": 83, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 12020, + "CodeBytes": 0, + "Lines": 250, + "Code": 178, + "Comment": 0, + "Blank": 72, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 770, + "CodeBytes": 0, + "Lines": 23, + "Code": 21, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 16026.482624098257, + "estimatedScheduleMonths_low": 2.961183659578059, + "estimatedPeople_low": 0.5272570322966568, + "estimatedCost_high": 49945.51949885567, + "estimatedScheduleMonths_high": 2.961183659578059, + "estimatedPeople_high": 0.5272570322966568, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nShell 8 467 84 27 356 83\n(ULOC) 253\n-------------------------------------------------------------------------------\nMarkdown 3 250 72 0 178 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 23 2 0 21 0\n(ULOC) 20\n───────────────────────────────────────────────────────────────────────────────\nTotal 13 861 170 27 664 83\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 511\nDRYness % 0.59\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $17,574\nEstimated Schedule Effort (organic) 2.96 months\nEstimated People Required (organic) 0.53\n───────────────────────────────────────────────────────────────────────────────\nProcessed 32290 bytes, 0.032 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Shell": 12452 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-sample-client-powershell/ab2d-sample-client-powershell_data.json b/app/site/_data/CMSgov/ab2d-sample-client-powershell/ab2d-sample-client-powershell_data.json index 4e4e9443ec..e246f4848d 100644 --- a/app/site/_data/CMSgov/ab2d-sample-client-powershell/ab2d-sample-client-powershell_data.json +++ b/app/site/_data/CMSgov/ab2d-sample-client-powershell/ab2d-sample-client-powershell_data.json @@ -1,348 +1,348 @@ { - "url": "https://github.com/CMSgov/ab2d-sample-client-powershell", - "owner": "CMSgov", - "name": "ab2d-sample-client-powershell", - "description": null, - "commits_count": 43, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 17, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 14, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 3, - "watchers_count": 17, - "total_project_lines": 671, - "average_project_lines": 84, - "total_project_comment_lines": 21, - "average_project_comment_lines": 3, - "total_project_blank_lines": 159, - "average_blank_lines": 20, - "commits_by_month": { - "2025/2": 7, - "2024/10": 1, - "2024/9": 1, - "2024/8": 1, - "2024/7": 2, - "2024/6": 2, - "2023/5": 6, - "2022/5": 1, - "2022/4": 1, - "2022/2": 1, - "2021/11": 1, - "2021/3": 3, - "2020/12": 1, - "2020/11": 2 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-10T06:00:00.000Z", - 1 - ], - [ - "2025-02-18T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-sample-client-powershell", + "owner": "CMSgov", + "name": "ab2d-sample-client-powershell", + "description": null, + "commits_count": 43, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 17, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 14, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 3, + "watchers_count": 17, + "total_project_lines": 671, + "average_project_lines": 84, + "total_project_comment_lines": 21, + "average_project_comment_lines": 3, + "total_project_blank_lines": 159, + "average_blank_lines": 20, + "commits_by_month": { + "2025/2": 7, + "2024/10": 1, + "2024/9": 1, + "2024/8": 1, + "2024/7": 2, + "2024/6": 2, + "2023/5": 6, + "2022/5": 1, + "2022/4": 1, + "2022/2": 1, + "2021/11": 1, + "2021/3": 3, + "2020/12": 1, + "2020/11": 2 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-07T06:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-21T05:00:00.000Z", - 1 - ], - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-10T06:00:00.000Z", - 1 - ], - [ - "2025-02-18T06:00:00.000Z", - 1 - ] + [ + "2025-02-10T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-11-03T16:42:23Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:02Z", - "repo": { - "name": "github.com/CMSgov/ab2d-sample-client-powershell", - "commit": "69199634fdb176a78966421f840fe564bdea7275" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 3, - "reason": "3 out of 10 merged PRs checked by a CI test -- score normalized to 3", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 10/11 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 5, - "reason": "7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 10666, - "CodeBytes": 0, - "Lines": 260, - "Code": 166, - "Comment": 0, - "Blank": 94, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Powershell", - "Bytes": 9916, - "CodeBytes": 0, - "Lines": 270, - "Code": 197, - "Comment": 22, - "Blank": 51, - "Complexity": 33, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 770, - "CodeBytes": 0, - "Lines": 23, - "Code": 21, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 11723.330237768474, - "estimatedScheduleMonths_low": 2.6294577762238465, - "estimatedPeople_low": 0.43434447911903984, - "estimatedCost_high": 36535.01724087351, - "estimatedScheduleMonths_high": 2.6294577762238465, - "estimatedPeople_high": 0.43434447911903984, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 3 260 94 0 166 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nPowershell 3 270 51 22 197 33\n(ULOC) 144\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 23 2 0 21 0\n(ULOC) 20\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 8 674 159 22 493 33\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 404\nDRYness % 0.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $12,855\nEstimated Schedule Effort (organic) 2.63 months\nEstimated People Required (organic) 0.43\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 28400 bytes, 0.028 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2025-02-18T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-21T05:00:00.000Z", + 1 + ], + [ + "2025-02-07T06:00:00.000Z", + 1 + ], + [ + "2025-02-10T06:00:00.000Z", + 1 + ], + [ + "2025-02-18T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-11-03T16:42:23Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:02Z", + "repo": { + "name": "github.com/CMSgov/ab2d-sample-client-powershell", + "commit": "69199634fdb176a78966421f840fe564bdea7275" }, - "predominant_langs": { - "PowerShell": 9916 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 3, + "reason": "3 out of 10 merged PRs checked by a CI test -- score normalized to 3", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 10/11 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 5, + "reason": "7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 10666, + "CodeBytes": 0, + "Lines": 260, + "Code": 166, + "Comment": 0, + "Blank": 94, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Powershell", + "Bytes": 9916, + "CodeBytes": 0, + "Lines": 270, + "Code": 197, + "Comment": 22, + "Blank": 51, + "Complexity": 33, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 770, + "CodeBytes": 0, + "Lines": 23, + "Code": 21, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 11723.330237768474, + "estimatedScheduleMonths_low": 2.6294577762238465, + "estimatedPeople_low": 0.43434447911903984, + "estimatedCost_high": 36535.01724087351, + "estimatedScheduleMonths_high": 2.6294577762238465, + "estimatedPeople_high": 0.43434447911903984, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 3 260 94 0 166 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nPowershell 3 270 51 22 197 33\n(ULOC) 144\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 23 2 0 21 0\n(ULOC) 20\n───────────────────────────────────────────────────────────────────────────────\nTotal 8 674 159 22 493 33\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 404\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $12,855\nEstimated Schedule Effort (organic) 2.63 months\nEstimated People Required (organic) 0.43\n───────────────────────────────────────────────────────────────────────────────\nProcessed 28400 bytes, 0.028 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "PowerShell": 9916 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d-sample-client-python/ab2d-sample-client-python_data.json b/app/site/_data/CMSgov/ab2d-sample-client-python/ab2d-sample-client-python_data.json index ea4eb86411..ab8fecc8ce 100644 --- a/app/site/_data/CMSgov/ab2d-sample-client-python/ab2d-sample-client-python_data.json +++ b/app/site/_data/CMSgov/ab2d-sample-client-python/ab2d-sample-client-python_data.json @@ -1,342 +1,342 @@ { - "url": "https://github.com/CMSgov/ab2d-sample-client-python", - "owner": "CMSgov", - "name": "ab2d-sample-client-python", - "description": null, - "commits_count": 43, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 15, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 11, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 16, - "total_project_lines": 1218, - "average_project_lines": 174, - "total_project_comment_lines": 96, - "average_project_comment_lines": 14, - "total_project_blank_lines": 343, - "average_blank_lines": 49, - "commits_by_month": { - "2025/2": 12, - "2024/10": 1, - "2024/8": 3, - "2024/7": 2, - "2024/6": 2, - "2023/5": 8, - "2022/5": 1, - "2022/4": 1 - }, - "new_commit_contributors_by_day_over_last_month": [ - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-10T06:00:00.000Z", - 1 - ], - [ - "2025-02-12T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d-sample-client-python", + "owner": "CMSgov", + "name": "ab2d-sample-client-python", + "description": null, + "commits_count": 43, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 15, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 11, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 16, + "total_project_lines": 1218, + "average_project_lines": 174, + "total_project_comment_lines": 96, + "average_project_comment_lines": 14, + "total_project_blank_lines": 343, + "average_blank_lines": 49, + "commits_by_month": { + "2025/2": 12, + "2024/10": 1, + "2024/8": 3, + "2024/7": 2, + "2024/6": 2, + "2023/5": 8, + "2022/5": 1, + "2022/4": 1 + }, + "new_commit_contributors_by_day_over_last_month": [ + [ + "2025-02-07T06:00:00.000Z", + 1 ], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-21T05:00:00.000Z", - 1 - ], - [ - "2025-02-07T06:00:00.000Z", - 1 - ], - [ - "2025-02-10T06:00:00.000Z", - 1 - ], - [ - "2025-02-12T06:00:00.000Z", - 1 - ] + [ + "2025-02-10T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-11-03T16:43:27Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:29Z", - "repo": { - "name": "github.com/CMSgov/ab2d-sample-client-python", - "commit": "0e7fb26274a89f2d1aae140adfccd3faa0fad7a3" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 4, - "reason": "3 out of 7 merged PRs checked by a CI test -- score normalized to 4", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 8, - "reason": "SAST tool detected but not run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 19137, - "CodeBytes": 0, - "Lines": 620, - "Code": 396, - "Comment": 0, - "Blank": 224, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 3131, - "CodeBytes": 0, - "Lines": 91, - "Code": 48, - "Comment": 30, - "Blank": 13, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 13771, - "CodeBytes": 0, - "Lines": 386, - "Code": 226, - "Comment": 66, - "Blank": 94, - "Complexity": 46, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 18952.917153613074, - "estimatedScheduleMonths_low": 3.1560489186112917, - "estimatedPeople_low": 0.5850349964955743, - "estimatedCost_high": 59065.56762696017, - "estimatedScheduleMonths_high": 3.1560489186112917, - "estimatedPeople_high": 0.5850349964955743, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 3 620 224 0 396 0\n(ULOC) 255\n-------------------------------------------------------------------------------\nYAML 2 91 13 30 48 0\n(ULOC) 71\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPython 1 386 94 66 226 46\n(ULOC) 250\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 7 1218 343 96 779 46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 682\nDRYness % 0.56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $20,783\nEstimated Schedule Effort (organic) 3.16 months\nEstimated People Required (organic) 0.59\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 43087 bytes, 0.043 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2025-02-12T06:00:00.000Z", + 1 + ] + ], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-21T05:00:00.000Z", + 1 + ], + [ + "2025-02-07T06:00:00.000Z", + 1 + ], + [ + "2025-02-10T06:00:00.000Z", + 1 + ], + [ + "2025-02-12T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-11-03T16:43:27Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:29Z", + "repo": { + "name": "github.com/CMSgov/ab2d-sample-client-python", + "commit": "0e7fb26274a89f2d1aae140adfccd3faa0fad7a3" }, - "predominant_langs": { - "Python": 13771 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 4, + "reason": "3 out of 7 merged PRs checked by a CI test -- score normalized to 4", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 8, + "reason": "SAST tool detected but not run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 19137, + "CodeBytes": 0, + "Lines": 620, + "Code": 396, + "Comment": 0, + "Blank": 224, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 3131, + "CodeBytes": 0, + "Lines": 91, + "Code": 48, + "Comment": 30, + "Blank": 13, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 13771, + "CodeBytes": 0, + "Lines": 386, + "Code": 226, + "Comment": 66, + "Blank": 94, + "Complexity": 46, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 18952.917153613074, + "estimatedScheduleMonths_low": 3.1560489186112917, + "estimatedPeople_low": 0.5850349964955743, + "estimatedCost_high": 59065.56762696017, + "estimatedScheduleMonths_high": 3.1560489186112917, + "estimatedPeople_high": 0.5850349964955743, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 3 620 224 0 396 0\n(ULOC) 255\n-------------------------------------------------------------------------------\nYAML 2 91 13 30 48 0\n(ULOC) 71\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPython 1 386 94 66 226 46\n(ULOC) 250\n───────────────────────────────────────────────────────────────────────────────\nTotal 7 1218 343 96 779 46\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 682\nDRYness % 0.56\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $20,783\nEstimated Schedule Effort (organic) 3.16 months\nEstimated People Required (organic) 0.59\n───────────────────────────────────────────────────────────────────────────────\nProcessed 43087 bytes, 0.043 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 13771 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ab2d/ab2d_data.json b/app/site/_data/CMSgov/ab2d/ab2d_data.json index 5bd50d6fa0..abd7e03fcc 100644 --- a/app/site/_data/CMSgov/ab2d/ab2d_data.json +++ b/app/site/_data/CMSgov/ab2d/ab2d_data.json @@ -1,487 +1,487 @@ { - "url": "https://github.com/CMSgov/ab2d", - "owner": "CMSgov", - "name": "ab2d", - "description": "Claims Data to Part D Sponsors API", - "commits_count": 946, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1444, - "open_pull_requests_count": 17, - "merged_pull_requests_count": 950, - "closed_pull_requests_count": 477, - "forks_count": 2, - "stargazers_count": 9, - "watchers_count": 18, - "total_project_lines": 43109, - "average_project_lines": 91, - "total_project_comment_lines": 3552, - "average_project_comment_lines": 7, - "total_project_blank_lines": 7477, - "average_blank_lines": 16, - "commits_by_month": { - "2025/2": 2, - "2025/1": 6, - "2024/12": 3, - "2024/11": 3, - "2024/10": 9, - "2024/9": 3, - "2024/8": 4 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-19T05:00:00.000Z", - 1 - ], - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-10-01T05:00:00.000Z", - 1 - ], - [ - "2024-10-04T05:00:00.000Z", - 1 - ], - [ - "2024-10-07T05:00:00.000Z", - 1 - ], - [ - "2024-10-21T05:00:00.000Z", - 1 - ], - [ - "2024-10-23T05:00:00.000Z", - 1 - ], - [ - "2024-10-25T05:00:00.000Z", - 1 - ], - [ - "2024-11-12T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ab2d", + "owner": "CMSgov", + "name": "ab2d", + "description": "Claims Data to Part D Sponsors API", + "commits_count": 946, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1444, + "open_pull_requests_count": 17, + "merged_pull_requests_count": 950, + "closed_pull_requests_count": 477, + "forks_count": 2, + "stargazers_count": 9, + "watchers_count": 18, + "total_project_lines": 43109, + "average_project_lines": 91, + "total_project_comment_lines": 3552, + "average_project_comment_lines": 7, + "total_project_blank_lines": 7477, + "average_blank_lines": 16, + "commits_by_month": { + "2025/2": 2, + "2025/1": 6, + "2024/12": 3, + "2024/11": 3, + "2024/10": 9, + "2024/9": 3, + "2024/8": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-19T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2019-09-25T17:41:43Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:44Z", - "repo": { - "name": "github.com/CMSgov/ab2d", - "commit": "85c6ae8e56bc3379c1121ea4760e010f58df6171" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 18 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 9, - "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 1, - "reason": "dependency not pinned by hash detected -- score normalized to 1", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 1450678, - "CodeBytes": 0, - "Lines": 35438, - "Code": 26040, - "Comment": 2817, - "Blank": 6581, - "Complexity": 923, - "Count": 330, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 118539, - "CodeBytes": 0, - "Lines": 2374, - "Code": 1407, - "Comment": 448, - "Blank": 519, - "Complexity": 104, - "Count": 85, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 46502, - "CodeBytes": 0, - "Lines": 1403, - "Code": 1226, - "Comment": 63, - "Blank": 114, - "Complexity": 0, - "Count": 24, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 70512, - "CodeBytes": 0, - "Lines": 1831, - "Code": 1646, - "Comment": 97, - "Blank": 88, - "Complexity": 0, - "Count": 21, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 21604, - "CodeBytes": 0, - "Lines": 572, - "Code": 324, - "Comment": 106, - "Blank": 142, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 6672, - "CodeBytes": 0, - "Lines": 151, - "Code": 101, - "Comment": 0, - "Blank": 50, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 1379, - "CodeBytes": 0, - "Lines": 44, - "Code": 31, - "Comment": 7, - "Blank": 6, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 42335, - "CodeBytes": 0, - "Lines": 1552, - "Code": 1552, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 59, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 10, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 2280, - "CodeBytes": 0, - "Lines": 80, - "Code": 56, - "Comment": 8, - "Blank": 16, - "Complexity": 12, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 952974.6626443791, - "estimatedScheduleMonths_low": 13.985491583195145, - "estimatedPeople_low": 6.6382426875880345, - "estimatedCost_high": 2969885.264995775, - "estimatedScheduleMonths_high": 13.985491583195145, - "estimatedPeople_high": 6.6382426875880345, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 330 35438 6581 2817 26040 923\n(ULOC) 13738\n-------------------------------------------------------------------------------\nSQL 85 2374 519 448 1407 104\n(ULOC) 1295\n-------------------------------------------------------------------------------\nYAML 24 1403 114 63 1226 0\n(ULOC) 650\n-------------------------------------------------------------------------------\nXML 21 1831 88 97 1646 0\n(ULOC) 668\n-------------------------------------------------------------------------------\nProperties File 10 572 142 106 324 0\n(ULOC) 237\n-------------------------------------------------------------------------------\nMarkdown 4 151 50 0 101 0\n(ULOC) 96\n-------------------------------------------------------------------------------\nDockerfile 2 44 6 7 31 0\n(ULOC) 27\n-------------------------------------------------------------------------------\nJSON 2 1552 0 0 1552 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMakefile 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nShell 1 80 16 8 56 12\n(ULOC) 62\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 483 43579 7530 3546 32503 1039\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 17493\nDRYness % 0.40\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,044,996\nEstimated Schedule Effort (organic) 13.99 months\nEstimated People Required (organic) 6.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1768000 bytes, 1.768 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-20T05:00:00.000Z", + 1 + ], + [ + "2024-10-01T05:00:00.000Z", + 1 + ], + [ + "2024-10-04T05:00:00.000Z", + 1 + ], + [ + "2024-10-07T05:00:00.000Z", + 1 + ], + [ + "2024-10-21T05:00:00.000Z", + 1 + ], + [ + "2024-10-23T05:00:00.000Z", + 1 + ], + [ + "2024-10-25T05:00:00.000Z", + 1 + ], + [ + "2024-11-12T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2019-09-25T17:41:43Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:44Z", + "repo": { + "name": "github.com/CMSgov/ab2d", + "commit": "85c6ae8e56bc3379c1121ea4760e010f58df6171" }, - "predominant_langs": { - "Java": 1450678, - "PLpgSQL": 8222, - "Shell": 2280, - "Dockerfile": 1379, - "Makefile": 59 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 6.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 18 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 9, + "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 1, + "reason": "dependency not pinned by hash detected -- score normalized to 1", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 1450678, + "CodeBytes": 0, + "Lines": 35438, + "Code": 26040, + "Comment": 2817, + "Blank": 6581, + "Complexity": 923, + "Count": 330, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 118539, + "CodeBytes": 0, + "Lines": 2374, + "Code": 1407, + "Comment": 448, + "Blank": 519, + "Complexity": 104, + "Count": 85, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 46502, + "CodeBytes": 0, + "Lines": 1403, + "Code": 1226, + "Comment": 63, + "Blank": 114, + "Complexity": 0, + "Count": 24, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 70512, + "CodeBytes": 0, + "Lines": 1831, + "Code": 1646, + "Comment": 97, + "Blank": 88, + "Complexity": 0, + "Count": 21, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 21604, + "CodeBytes": 0, + "Lines": 572, + "Code": 324, + "Comment": 106, + "Blank": 142, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 6672, + "CodeBytes": 0, + "Lines": 151, + "Code": 101, + "Comment": 0, + "Blank": 50, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 1379, + "CodeBytes": 0, + "Lines": 44, + "Code": 31, + "Comment": 7, + "Blank": 6, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 42335, + "CodeBytes": 0, + "Lines": 1552, + "Code": 1552, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 59, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 10, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 2280, + "CodeBytes": 0, + "Lines": 80, + "Code": 56, + "Comment": 8, + "Blank": 16, + "Complexity": 12, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 952974.6626443791, + "estimatedScheduleMonths_low": 13.985491583195145, + "estimatedPeople_low": 6.6382426875880345, + "estimatedCost_high": 2969885.264995775, + "estimatedScheduleMonths_high": 13.985491583195145, + "estimatedPeople_high": 6.6382426875880345, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 330 35438 6581 2817 26040 923\n(ULOC) 13738\n-------------------------------------------------------------------------------\nSQL 85 2374 519 448 1407 104\n(ULOC) 1295\n-------------------------------------------------------------------------------\nYAML 24 1403 114 63 1226 0\n(ULOC) 650\n-------------------------------------------------------------------------------\nXML 21 1831 88 97 1646 0\n(ULOC) 668\n-------------------------------------------------------------------------------\nProperties File 10 572 142 106 324 0\n(ULOC) 237\n-------------------------------------------------------------------------------\nMarkdown 4 151 50 0 101 0\n(ULOC) 96\n-------------------------------------------------------------------------------\nDockerfile 2 44 6 7 31 0\n(ULOC) 27\n-------------------------------------------------------------------------------\nJSON 2 1552 0 0 1552 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMakefile 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nShell 1 80 16 8 56 12\n(ULOC) 62\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 483 43579 7530 3546 32503 1039\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 17493\nDRYness % 0.40\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,044,996\nEstimated Schedule Effort (organic) 13.99 months\nEstimated People Required (organic) 6.64\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1768000 bytes, 1.768 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 1450678, + "PLpgSQL": 8222, + "Shell": 2280, + "Dockerfile": 1379, + "Makefile": 59 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ai_website/ai_website_data.json b/app/site/_data/CMSgov/ai_website/ai_website_data.json index 8168a16e8c..421e425179 100644 --- a/app/site/_data/CMSgov/ai_website/ai_website_data.json +++ b/app/site/_data/CMSgov/ai_website/ai_website_data.json @@ -1,335 +1,335 @@ { - "url": "https://github.com/CMSgov/ai_website", - "owner": "CMSgov", - "name": "ai_website", - "description": null, - "commits_count": 31, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 7, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 5, - "closed_pull_requests_count": 2, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 10, - "total_project_lines": 38445, - "average_project_lines": 9, - "total_project_comment_lines": 615, - "average_project_comment_lines": 0, - "total_project_blank_lines": 1223, - "average_blank_lines": 0, - "commits_by_month": { - "2024/9": 4, - "2024/5": 7, - "2023/10": 5, - "2023/1": 1, - "2022/12": 13 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-24T05:00:00.000Z", - 1 - ], - [ - "2024-09-25T05:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/ai_website", + "owner": "CMSgov", + "name": "ai_website", + "description": null, + "commits_count": 31, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 7, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 5, + "closed_pull_requests_count": 2, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 10, + "total_project_lines": 38445, + "average_project_lines": 9, + "total_project_comment_lines": 615, + "average_project_comment_lines": 0, + "total_project_blank_lines": 1223, + "average_blank_lines": 0, + "commits_by_month": { + "2024/9": 4, + "2024/5": 7, + "2023/10": 5, + "2023/1": 1, + "2022/12": 13 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-24T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-09-10T16:20:37Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:57Z", - "repo": { - "name": "github.com/CMSgov/ai_website", - "commit": "677edcc745d3bcf47288ddfc3053fc15f9d6d048" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 2/26 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 5 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "SVG", - "Bytes": 1757436, - "CodeBytes": 0, - "Lines": 4336, - "Code": 4336, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4302, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 824532, - "CodeBytes": 0, - "Lines": 6719, - "Code": 5880, - "Comment": 607, - "Blank": 232, - "Complexity": 309, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 1032492, - "CodeBytes": 0, - "Lines": 26309, - "Code": 25463, - "Comment": 6, - "Blank": 840, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 31328, - "CodeBytes": 0, - "Lines": 572, - "Code": 428, - "Comment": 0, - "Blank": 144, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 32626, - "CodeBytes": 0, - "Lines": 509, - "Code": 500, - "Comment": 2, - "Blank": 7, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1079702.432672301, - "estimatedScheduleMonths_low": 14.665010291028604, - "estimatedPeople_low": 7.172510882188113, - "estimatedCost_high": 3364824.3453563484, - "estimatedScheduleMonths_high": 14.665010291028604, - "estimatedPeople_high": 7.172510882188113, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nSVG 4302 4336 0 0 4336 0\n(ULOC) 3609\n-------------------------------------------------------------------------------\nJavaScript 4 6719 232 607 5880 309\n(ULOC) 3963\n-------------------------------------------------------------------------------\nCSS 3 26309 840 6 25463 0\n(ULOC) 9290\n-------------------------------------------------------------------------------\nMarkdown 2 572 144 0 428 0\n(ULOC) 376\n-------------------------------------------------------------------------------\nHTML 1 509 7 2 500 0\n(ULOC) 327\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 4312 38445 1223 615 36607 309\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 17550\nDRYness % 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,183,961\nEstimated Schedule Effort (organic) 14.67 months\nEstimated People Required (organic) 7.17\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 3678414 bytes, 3.678 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-25T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-09-10T16:20:37Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:57Z", + "repo": { + "name": "github.com/CMSgov/ai_website", + "commit": "677edcc745d3bcf47288ddfc3053fc15f9d6d048" }, - "predominant_langs": { - "JavaScript": 743798, - "CSS": 578019, - "HTML": 32626 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 2/26 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 5 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "SVG", + "Bytes": 1757436, + "CodeBytes": 0, + "Lines": 4336, + "Code": 4336, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4302, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 824532, + "CodeBytes": 0, + "Lines": 6719, + "Code": 5880, + "Comment": 607, + "Blank": 232, + "Complexity": 309, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 1032492, + "CodeBytes": 0, + "Lines": 26309, + "Code": 25463, + "Comment": 6, + "Blank": 840, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 31328, + "CodeBytes": 0, + "Lines": 572, + "Code": 428, + "Comment": 0, + "Blank": 144, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 32626, + "CodeBytes": 0, + "Lines": 509, + "Code": 500, + "Comment": 2, + "Blank": 7, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1079702.432672301, + "estimatedScheduleMonths_low": 14.665010291028604, + "estimatedPeople_low": 7.172510882188113, + "estimatedCost_high": 3364824.3453563484, + "estimatedScheduleMonths_high": 14.665010291028604, + "estimatedPeople_high": 7.172510882188113, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSVG 4302 4336 0 0 4336 0\n(ULOC) 3609\n-------------------------------------------------------------------------------\nJavaScript 4 6719 232 607 5880 309\n(ULOC) 3963\n-------------------------------------------------------------------------------\nCSS 3 26309 840 6 25463 0\n(ULOC) 9290\n-------------------------------------------------------------------------------\nMarkdown 2 572 144 0 428 0\n(ULOC) 376\n-------------------------------------------------------------------------------\nHTML 1 509 7 2 500 0\n(ULOC) 327\n───────────────────────────────────────────────────────────────────────────────\nTotal 4312 38445 1223 615 36607 309\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 17550\nDRYness % 0.46\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,183,961\nEstimated Schedule Effort (organic) 14.67 months\nEstimated People Required (organic) 7.17\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3678414 bytes, 3.678 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 743798, + "CSS": 578019, + "HTML": 32626 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ansible-role-appian/ansible-role-appian_data.json b/app/site/_data/CMSgov/ansible-role-appian/ansible-role-appian_data.json index d537982c40..602c84a73a 100644 --- a/app/site/_data/CMSgov/ansible-role-appian/ansible-role-appian_data.json +++ b/app/site/_data/CMSgov/ansible-role-appian/ansible-role-appian_data.json @@ -1,306 +1,306 @@ { - "url": "https://github.com/CMSgov/ansible-role-appian", - "owner": "CMSgov", - "name": "ansible-role-appian", - "description": "Ansible deployment code for Appian", - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 7, - "total_project_lines": 1950, - "average_project_lines": 42, - "total_project_comment_lines": 4, - "average_project_comment_lines": 0, - "total_project_blank_lines": 246, - "average_blank_lines": 5, - "commits_by_month": { - "2021/11": 1 + "url": "https://github.com/CMSgov/ansible-role-appian", + "owner": "CMSgov", + "name": "ansible-role-appian", + "description": "Ansible deployment code for Appian", + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 7, + "total_project_lines": 1950, + "average_project_lines": 42, + "total_project_comment_lines": 4, + "average_project_comment_lines": 0, + "total_project_blank_lines": 246, + "average_blank_lines": 5, + "commits_by_month": { + "2021/11": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2021-11-12T15:55:56Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:10Z", + "repo": { + "name": "github.com/CMSgov/ansible-role-appian", + "commit": "2f773d47d480f1555813c4fcfdfcbc305520bb24" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2021-11-12T15:55:56Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:10Z", - "repo": { - "name": "github.com/CMSgov/ansible-role-appian", - "commit": "2f773d47d480f1555813c4fcfdfcbc305520bb24" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "YAML", - "Bytes": 36959, - "CodeBytes": 0, - "Lines": 1316, - "Code": 1218, - "Comment": 3, - "Blank": 95, - "Complexity": 0, - "Count": 26, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Jinja", - "Bytes": 9358, - "CodeBytes": 0, - "Lines": 266, - "Code": 240, - "Comment": 0, - "Blank": 26, - "Complexity": 11, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 16374, - "CodeBytes": 0, - "Lines": 366, - "Code": 241, - "Comment": 0, - "Blank": 125, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 119, - "CodeBytes": 0, - "Lines": 2, - "Code": 1, - "Comment": 1, - "Blank": 0, - "Complexity": 2, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 43006.40110699095, - "estimatedScheduleMonths_low": 4.3089296156829135, - "estimatedPeople_low": 0.972328933057795, - "estimatedCost_high": 134026.72909868654, - "estimatedScheduleMonths_high": 4.3089296156829135, - "estimatedPeople_high": 0.972328933057795, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nYAML 26 1316 95 3 1218 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nJinja 15 266 26 0 240 11\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 4 366 125 0 241 0\n(ULOC) 206\n-------------------------------------------------------------------------------\nShell 1 2 0 1 1 2\n(ULOC) 2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 46 1950 246 4 1700 13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 997\nDRYness % 0.51\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $47,159\nEstimated Schedule Effort (organic) 4.31 months\nEstimated People Required (organic) 0.97\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 62810 bytes, 0.063 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Jinja": 9358, - "Shell": 119 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "YAML", + "Bytes": 36959, + "CodeBytes": 0, + "Lines": 1316, + "Code": 1218, + "Comment": 3, + "Blank": 95, + "Complexity": 0, + "Count": 26, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Jinja", + "Bytes": 9358, + "CodeBytes": 0, + "Lines": 266, + "Code": 240, + "Comment": 0, + "Blank": 26, + "Complexity": 11, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 16374, + "CodeBytes": 0, + "Lines": 366, + "Code": 241, + "Comment": 0, + "Blank": 125, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 119, + "CodeBytes": 0, + "Lines": 2, + "Code": 1, + "Comment": 1, + "Blank": 0, + "Complexity": 2, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 43006.40110699095, + "estimatedScheduleMonths_low": 4.3089296156829135, + "estimatedPeople_low": 0.972328933057795, + "estimatedCost_high": 134026.72909868654, + "estimatedScheduleMonths_high": 4.3089296156829135, + "estimatedPeople_high": 0.972328933057795, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nYAML 26 1316 95 3 1218 0\n(ULOC) 624\n-------------------------------------------------------------------------------\nJinja 15 266 26 0 240 11\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 4 366 125 0 241 0\n(ULOC) 206\n-------------------------------------------------------------------------------\nShell 1 2 0 1 1 2\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 46 1950 246 4 1700 13\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 997\nDRYness % 0.51\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $47,159\nEstimated Schedule Effort (organic) 4.31 months\nEstimated People Required (organic) 0.97\n───────────────────────────────────────────────────────────────────────────────\nProcessed 62810 bytes, 0.063 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Jinja": 9358, + "Shell": 119 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/ars-machine-readable/ars-machine-readable_data.json b/app/site/_data/CMSgov/ars-machine-readable/ars-machine-readable_data.json index ff662705a5..5bd0bb288b 100644 --- a/app/site/_data/CMSgov/ars-machine-readable/ars-machine-readable_data.json +++ b/app/site/_data/CMSgov/ars-machine-readable/ars-machine-readable_data.json @@ -1,726 +1,726 @@ { - "url": "https://github.com/CMSgov/ars-machine-readable", - "owner": "CMSgov", - "name": "ars-machine-readable", - "description": "Publish a machine readable version of the ARS standards to facilitate compliance as code efforts.", - "commits_count": 93, - "issues_count": 8, - "open_issues_count": 7, - "closed_issues_count": 1, - "pull_requests_count": 40, - "open_pull_requests_count": 7, - "merged_pull_requests_count": 30, - "closed_pull_requests_count": 3, - "forks_count": 4, - "stargazers_count": 22, - "watchers_count": 17, - "total_project_lines": 316437, - "average_project_lines": 7192, - "total_project_comment_lines": 102, - "average_project_comment_lines": 2, - "total_project_blank_lines": 1339, - "average_blank_lines": 30, - "commits_by_month": { - "2022/12": 4, - "2022/10": 2, - "2022/9": 1, - "2022/8": 23 + "url": "https://github.com/CMSgov/ars-machine-readable", + "owner": "CMSgov", + "name": "ars-machine-readable", + "description": "Publish a machine readable version of the ARS standards to facilitate compliance as code efforts.", + "commits_count": 93, + "issues_count": 8, + "open_issues_count": 7, + "closed_issues_count": 1, + "pull_requests_count": 40, + "open_pull_requests_count": 7, + "merged_pull_requests_count": 30, + "closed_pull_requests_count": 3, + "forks_count": 4, + "stargazers_count": 22, + "watchers_count": 17, + "total_project_lines": 316437, + "average_project_lines": 7192, + "total_project_comment_lines": 102, + "average_project_comment_lines": 2, + "total_project_blank_lines": 1339, + "average_blank_lines": 30, + "commits_by_month": { + "2022/12": 4, + "2022/10": 2, + "2022/9": 1, + "2022/8": 23 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-03-12T16:53:09Z", + "ossf_scorecard": { + "date": "2025-02-23T16:36:17Z", + "repo": { + "name": "github.com/CMSgov/ars-machine-readable", + "commit": "e15e2183310b455f40c6c459cfd0b4d5ab50317d" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-03-12T16:53:09Z", - "ossf_scorecard": { - "date": "2025-02-23T16:36:17Z", - "repo": { - "name": "github.com/CMSgov/ars-machine-readable", - "commit": "e15e2183310b455f40c6c459cfd0b4d5ab50317d" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 10 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 7, - "reason": "Found 7/10 approved changesets -- score normalized to 7", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 8 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "31 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "XML", - "Bytes": 25214311, - "CodeBytes": 0, - "Lines": 308285, - "Code": 301952, - "Comment": 39, - "Blank": 6294, - "Complexity": 0, - "Count": 19, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 17417433, - "CodeBytes": 0, - "Lines": 350901, - "Code": 350901, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Extensible Stylesheet Language Transformations", - "Bytes": 127369, - "CodeBytes": 0, - "Lines": 2629, - "Code": 2165, - "Comment": 0, - "Blank": 464, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 13069, - "CodeBytes": 0, - "Lines": 898, - "Code": 728, - "Comment": 22, - "Blank": 148, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 7254, - "CodeBytes": 0, - "Lines": 121, - "Code": 76, - "Comment": 0, - "Blank": 45, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 29116, - "CodeBytes": 0, - "Lines": 884, - "Code": 749, - "Comment": 76, - "Blank": 59, - "Complexity": 92, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1614436, - "CodeBytes": 0, - "Lines": 27250, - "Code": 26641, - "Comment": 1, - "Blank": 608, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 540, - "CodeBytes": 0, - "Lines": 19, - "Code": 16, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 23326827.229381885, - "estimatedScheduleMonths_low": 47.142431356841016, - "estimatedPeople_low": 48.20512389669281, - "estimatedCost_high": 72696581.74899021, - "estimatedScheduleMonths_high": 47.142431356841016, - "estimatedPeople_high": 48.20512389669281, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nXML 19 308285 6294 39 301952 0\n(ULOC) 49548\n-------------------------------------------------------------------------------\nJSON 12 350901 0 0 350901 0\n(ULOC) 25721\n-------------------------------------------------------------------------------\nExtensible Styleshe\u2026 8 2629 464 0 2165 0\n(ULOC) 1215\n-------------------------------------------------------------------------------\nCSS 3 898 148 22 728 0\n(ULOC) 156\n-------------------------------------------------------------------------------\nMarkdown 3 121 45 0 76 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nPython 2 884 59 76 749 92\n(ULOC) 406\n-------------------------------------------------------------------------------\nYAML 2 27250 608 1 26641 0\n(ULOC) 10919\n-------------------------------------------------------------------------------\nTOML 1 19 3 0 16 0\n(ULOC) 17\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 50 690987 7621 138 683228 92\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 88028\nDRYness % 0.13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $25,579,335\nEstimated Schedule Effort (organic) 47.14 months\nEstimated People Required (organic) 48.21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 44423528 bytes, 44.424 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "XSLT": 127369, - "Python": 29116, - "CSS": 13069 - }, - "average_issue_resolution_time": [ - [ - "ars-machine-readable", - "211 days 07:16:22" - ] - ], - "repo_dependency_libyear_list": [ - [ - "anyio", - 2.6520547945, - "2025-03-01T19:06:32.000" - ], - [ - "argcomplete", - 2.9945205479, - "2025-03-01T19:06:32.000" - ], - [ - "attrs", - 5.2849315068, - "2025-03-01T19:06:32.000" - ], - [ - "bcrypt", - 2.8301369863, - "2025-03-01T19:06:32.000" - ], - [ - "black", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "blinker", - 2.3123287671, - "2025-03-01T19:06:32.000" - ], - [ - "certifi", - 2.6301369863, - "2025-03-01T19:06:32.000" - ], - [ - "cffi", - 2.1835616438, - "2025-03-01T19:06:32.000" - ], - [ - "chardet", - 2.6383561644, - "2025-03-01T19:06:32.000" - ], - [ - "charset-normalizer", - 2.5150684932, - "2025-03-01T19:06:32.000" - ], - [ - "click", - 4.6520547945, - "2025-03-01T19:06:32.000" - ], - [ - "cmarkgfm", - 3.3917808219, - "2025-03-01T19:06:32.000" - ], - [ - "compliance-trestle", - 2.7287671233, - "2025-03-01T19:06:32.000" - ], - [ - "complianceio", - -1.0, - "2025-03-01T19:06:32.000" - ], - [ - "cryptography", - 2.9643835616, - "2025-03-01T19:06:32.000" - ], - [ - "datamodel-code-generator", - 2.7589041096, - "2025-03-01T19:06:32.000" - ], - [ - "defusedxml", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "dnspython", - 2.5835616438, - "2025-03-01T19:06:32.000" - ], - [ - "email-validator", - 2.1369863014, - "2025-03-01T19:06:32.000" - ], - [ - "et-xmlfile", - 3.501369863, - "2025-03-01T19:06:32.000" - ], - [ - "furl", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "genson", - 3.7397260274, - "2025-03-01T19:06:32.000" - ], - [ - "gitdb", - 3.1917808219, - "2025-03-01T19:06:32.000" - ], - [ - "gitpython", - 2.8684931507, - "2025-03-01T19:06:32.000" - ], - [ - "h11", - 1.7315068493, - "2025-03-01T19:06:32.000" - ], - [ - "httpcore", - 2.498630137, - "2025-03-01T19:06:32.000" - ], - [ - "httpx", - 2.5424657534, - "2025-03-01T19:06:32.000" - ], - [ - "idna", - 2.9260273973, - "2025-03-01T19:06:32.000" - ], - [ - "ilcli", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "inflect", - 2.4575342466, - "2025-03-01T19:06:32.000" - ], - [ - "isodate", - 2.8219178082, - "2025-03-01T19:06:32.000" - ], - [ - "isort", - 3.301369863, - "2025-03-01T19:06:32.000" - ], - [ - "jinja2", - 3.1150684932, - "2025-03-01T19:06:32.000" - ], - [ - "jsonschema", - 4.6410958904, - "2025-03-01T19:06:32.000" - ], - [ - "markupsafe", - 2.597260274, - "2025-03-01T19:06:32.000" - ], - [ - "mypy-extensions", - 3.301369863, - "2025-03-01T19:06:32.000" - ], - [ - "openapi-schema-validator", - 3.0383561644, - "2025-03-01T19:06:32.000" - ], - [ - "openapi-spec-validator", - 1.7095890411, - "2025-03-01T19:06:32.000" - ], - [ - "openpyxl", - 2.1095890411, - "2025-03-01T19:06:32.000" - ], - [ - "orderedmultidict", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "orjson", - 2.504109589, - "2025-03-01T19:06:32.000" - ], - [ - "paramiko", - 2.7232876712, - "2025-03-01T19:06:32.000" - ], - [ - "pathspec", - 2.397260274, - "2025-03-01T19:06:32.000" - ], - [ - "platformdirs", - 2.4191780822, - "2025-03-01T19:06:32.000" - ], - [ - "prance", - 1.8739726027, - "2025-03-01T19:06:32.000" - ], - [ - "pycparser", - 2.397260274, - "2025-03-01T19:06:32.000" - ], - [ - "pydantic", - 2.6849315068, - "2025-03-01T19:06:32.000" - ], - [ - "pynacl", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "pyrsistent", - 3.1150684932, - "2025-03-01T19:06:32.000" - ], - [ - "pysnooper", - 2.4383561644, - "2025-03-01T19:06:32.000" - ], - [ - "python-dotenv", - 1.8328767123, - "2025-03-01T19:06:32.000" - ], - [ - "python-frontmatter", - 2.8410958904, - "2025-03-01T19:06:32.000" - ], - [ - "python-slugify", - 3.6109589041, - "2025-03-01T19:06:32.000" - ], - [ - "pywin32", - 2.4493150685, - "2025-03-01T19:06:32.000" - ], - [ - "pyyaml", - 3.5424657534, - "2025-03-01T19:06:32.000" - ], - [ - "requests", - 1.9178082192, - "2025-03-01T19:06:32.000" - ], - [ - "rfc3986", - 0.6767123288, - "2025-03-01T19:06:32.000" - ], - [ - "rtyaml", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "ruamel.yaml", - 2.901369863, - "2025-03-01T19:06:32.000" - ], - [ - "ruamel.yaml.clib", - 3.295890411, - "2025-03-01T19:06:32.000" - ], - [ - "semver", - 4.2630136986, - "2025-03-01T19:06:32.000" - ], - [ - "six", - 3.5863013699, - "2025-03-01T19:06:32.000" - ], - [ - "smmap", - 3.2164383562, - "2025-03-01T19:06:32.000" - ], - [ - "sniffio", - 3.3753424658, - "2025-03-01T19:06:32.000" - ], - [ - "text-unidecode", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "toml", - 0.0, - "2025-03-01T19:06:32.000" - ], - [ - "tomli", - 2.9589041096, - "2025-03-01T19:06:32.000" - ], - [ - "typed-ast", - 1.1178082192, - "2025-03-01T19:06:32.000" - ], - [ - "typing-extensions", - 1.9369863014, - "2025-03-01T19:06:32.000" - ], - [ - "urllib3", - 2.4602739726, - "2025-03-01T19:06:32.000" - ] + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 10 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 7, + "reason": "Found 7/10 approved changesets -- score normalized to 7", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 8 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "31 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "XML", + "Bytes": 25214311, + "CodeBytes": 0, + "Lines": 308285, + "Code": 301952, + "Comment": 39, + "Blank": 6294, + "Complexity": 0, + "Count": 19, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 17417433, + "CodeBytes": 0, + "Lines": 350901, + "Code": 350901, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Extensible Stylesheet Language Transformations", + "Bytes": 127369, + "CodeBytes": 0, + "Lines": 2629, + "Code": 2165, + "Comment": 0, + "Blank": 464, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 13069, + "CodeBytes": 0, + "Lines": 898, + "Code": 728, + "Comment": 22, + "Blank": 148, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 7254, + "CodeBytes": 0, + "Lines": 121, + "Code": 76, + "Comment": 0, + "Blank": 45, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 29116, + "CodeBytes": 0, + "Lines": 884, + "Code": 749, + "Comment": 76, + "Blank": 59, + "Complexity": 92, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1614436, + "CodeBytes": 0, + "Lines": 27250, + "Code": 26641, + "Comment": 1, + "Blank": 608, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 540, + "CodeBytes": 0, + "Lines": 19, + "Code": 16, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 23326827.229381885, + "estimatedScheduleMonths_low": 47.142431356841016, + "estimatedPeople_low": 48.20512389669281, + "estimatedCost_high": 72696581.74899021, + "estimatedScheduleMonths_high": 47.142431356841016, + "estimatedPeople_high": 48.20512389669281, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nXML 19 308285 6294 39 301952 0\n(ULOC) 49548\n-------------------------------------------------------------------------------\nJSON 12 350901 0 0 350901 0\n(ULOC) 25721\n-------------------------------------------------------------------------------\nExtensible Styleshe… 8 2629 464 0 2165 0\n(ULOC) 1215\n-------------------------------------------------------------------------------\nCSS 3 898 148 22 728 0\n(ULOC) 156\n-------------------------------------------------------------------------------\nMarkdown 3 121 45 0 76 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nPython 2 884 59 76 749 92\n(ULOC) 406\n-------------------------------------------------------------------------------\nYAML 2 27250 608 1 26641 0\n(ULOC) 10919\n-------------------------------------------------------------------------------\nTOML 1 19 3 0 16 0\n(ULOC) 17\n───────────────────────────────────────────────────────────────────────────────\nTotal 50 690987 7621 138 683228 92\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 88028\nDRYness % 0.13\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $25,579,335\nEstimated Schedule Effort (organic) 47.14 months\nEstimated People Required (organic) 48.21\n───────────────────────────────────────────────────────────────────────────────\nProcessed 44423528 bytes, 44.424 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "XSLT": 127369, + "Python": 29116, + "CSS": 13069 + }, + "average_issue_resolution_time": [ + [ + "ars-machine-readable", + "211 days 07:16:22" + ] + ], + "repo_dependency_libyear_list": [ + [ + "anyio", + 2.6520547945, + "2025-03-01T19:06:32.000" + ], + [ + "argcomplete", + 2.9945205479, + "2025-03-01T19:06:32.000" + ], + [ + "attrs", + 5.2849315068, + "2025-03-01T19:06:32.000" + ], + [ + "bcrypt", + 2.8301369863, + "2025-03-01T19:06:32.000" + ], + [ + "black", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "blinker", + 2.3123287671, + "2025-03-01T19:06:32.000" + ], + [ + "certifi", + 2.6301369863, + "2025-03-01T19:06:32.000" + ], + [ + "cffi", + 2.1835616438, + "2025-03-01T19:06:32.000" + ], + [ + "chardet", + 2.6383561644, + "2025-03-01T19:06:32.000" + ], + [ + "charset-normalizer", + 2.5150684932, + "2025-03-01T19:06:32.000" + ], + [ + "click", + 4.6520547945, + "2025-03-01T19:06:32.000" + ], + [ + "cmarkgfm", + 3.3917808219, + "2025-03-01T19:06:32.000" + ], + [ + "compliance-trestle", + 2.7287671233, + "2025-03-01T19:06:32.000" + ], + [ + "complianceio", + -1.0, + "2025-03-01T19:06:32.000" + ], + [ + "cryptography", + 2.9643835616, + "2025-03-01T19:06:32.000" + ], + [ + "datamodel-code-generator", + 2.7589041096, + "2025-03-01T19:06:32.000" + ], + [ + "defusedxml", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "dnspython", + 2.5835616438, + "2025-03-01T19:06:32.000" + ], + [ + "email-validator", + 2.1369863014, + "2025-03-01T19:06:32.000" + ], + [ + "et-xmlfile", + 3.501369863, + "2025-03-01T19:06:32.000" + ], + [ + "furl", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "genson", + 3.7397260274, + "2025-03-01T19:06:32.000" + ], + [ + "gitdb", + 3.1917808219, + "2025-03-01T19:06:32.000" + ], + [ + "gitpython", + 2.8684931507, + "2025-03-01T19:06:32.000" + ], + [ + "h11", + 1.7315068493, + "2025-03-01T19:06:32.000" + ], + [ + "httpcore", + 2.498630137, + "2025-03-01T19:06:32.000" + ], + [ + "httpx", + 2.5424657534, + "2025-03-01T19:06:32.000" + ], + [ + "idna", + 2.9260273973, + "2025-03-01T19:06:32.000" + ], + [ + "ilcli", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "inflect", + 2.4575342466, + "2025-03-01T19:06:32.000" + ], + [ + "isodate", + 2.8219178082, + "2025-03-01T19:06:32.000" + ], + [ + "isort", + 3.301369863, + "2025-03-01T19:06:32.000" + ], + [ + "jinja2", + 3.1150684932, + "2025-03-01T19:06:32.000" + ], + [ + "jsonschema", + 4.6410958904, + "2025-03-01T19:06:32.000" + ], + [ + "markupsafe", + 2.597260274, + "2025-03-01T19:06:32.000" + ], + [ + "mypy-extensions", + 3.301369863, + "2025-03-01T19:06:32.000" + ], + [ + "openapi-schema-validator", + 3.0383561644, + "2025-03-01T19:06:32.000" + ], + [ + "openapi-spec-validator", + 1.7095890411, + "2025-03-01T19:06:32.000" + ], + [ + "openpyxl", + 2.1095890411, + "2025-03-01T19:06:32.000" + ], + [ + "orderedmultidict", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "orjson", + 2.504109589, + "2025-03-01T19:06:32.000" + ], + [ + "paramiko", + 2.7232876712, + "2025-03-01T19:06:32.000" + ], + [ + "pathspec", + 2.397260274, + "2025-03-01T19:06:32.000" + ], + [ + "platformdirs", + 2.4191780822, + "2025-03-01T19:06:32.000" + ], + [ + "prance", + 1.8739726027, + "2025-03-01T19:06:32.000" + ], + [ + "pycparser", + 2.397260274, + "2025-03-01T19:06:32.000" + ], + [ + "pydantic", + 2.6849315068, + "2025-03-01T19:06:32.000" + ], + [ + "pynacl", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "pyrsistent", + 3.1150684932, + "2025-03-01T19:06:32.000" + ], + [ + "pysnooper", + 2.4383561644, + "2025-03-01T19:06:32.000" + ], + [ + "python-dotenv", + 1.8328767123, + "2025-03-01T19:06:32.000" + ], + [ + "python-frontmatter", + 2.8410958904, + "2025-03-01T19:06:32.000" + ], + [ + "python-slugify", + 3.6109589041, + "2025-03-01T19:06:32.000" + ], + [ + "pywin32", + 2.4493150685, + "2025-03-01T19:06:32.000" + ], + [ + "pyyaml", + 3.5424657534, + "2025-03-01T19:06:32.000" + ], + [ + "requests", + 1.9178082192, + "2025-03-01T19:06:32.000" + ], + [ + "rfc3986", + 0.6767123288, + "2025-03-01T19:06:32.000" + ], + [ + "rtyaml", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "ruamel.yaml", + 2.901369863, + "2025-03-01T19:06:32.000" + ], + [ + "ruamel.yaml.clib", + 3.295890411, + "2025-03-01T19:06:32.000" + ], + [ + "semver", + 4.2630136986, + "2025-03-01T19:06:32.000" + ], + [ + "six", + 3.5863013699, + "2025-03-01T19:06:32.000" + ], + [ + "smmap", + 3.2164383562, + "2025-03-01T19:06:32.000" + ], + [ + "sniffio", + 3.3753424658, + "2025-03-01T19:06:32.000" + ], + [ + "text-unidecode", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "toml", + 0.0, + "2025-03-01T19:06:32.000" + ], + [ + "tomli", + 2.9589041096, + "2025-03-01T19:06:32.000" + ], + [ + "typed-ast", + 1.1178082192, + "2025-03-01T19:06:32.000" + ], + [ + "typing-extensions", + 1.9369863014, + "2025-03-01T19:06:32.000" + ], + [ + "urllib3", + 2.4602739726, + "2025-03-01T19:06:32.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/aws-s3-baseline/aws-s3-baseline_data.json b/app/site/_data/CMSgov/aws-s3-baseline/aws-s3-baseline_data.json index ce35a7901c..c07623010b 100644 --- a/app/site/_data/CMSgov/aws-s3-baseline/aws-s3-baseline_data.json +++ b/app/site/_data/CMSgov/aws-s3-baseline/aws-s3-baseline_data.json @@ -1,324 +1,324 @@ { - "url": "https://github.com/CMSgov/aws-s3-baseline", - "owner": "CMSgov", - "name": "aws-s3-baseline", - "description": null, - "commits_count": 9, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 25, - "total_project_lines": 273, - "average_project_lines": 27, - "total_project_comment_lines": 1, - "average_project_comment_lines": 0, - "total_project_blank_lines": 69, - "average_blank_lines": 7, - "commits_by_month": { - "2020/3": 1, - "2019/7": 3, - "2019/6": 1, - "2018/11": 3, - "2018/10": 1 + "url": "https://github.com/CMSgov/aws-s3-baseline", + "owner": "CMSgov", + "name": "aws-s3-baseline", + "description": null, + "commits_count": 9, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 25, + "total_project_lines": 273, + "average_project_lines": 27, + "total_project_comment_lines": 1, + "average_project_comment_lines": 0, + "total_project_blank_lines": 69, + "average_blank_lines": 7, + "commits_by_month": { + "2020/3": 1, + "2019/7": 3, + "2019/6": 1, + "2018/11": 3, + "2018/10": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2020-02-25T17:30:42Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:28Z", + "repo": { + "name": "github.com/CMSgov/aws-s3-baseline", + "commit": "a262fca5aa381a594671a9191c0163a2a00f16bb" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2020-02-25T17:30:42Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:28Z", - "repo": { - "name": "github.com/CMSgov/aws-s3-baseline", - "commit": "a262fca5aa381a594671a9191c0163a2a00f16bb" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/9 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 16111, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 4533, - "CodeBytes": 0, - "Lines": 139, - "Code": 114, - "Comment": 1, - "Blank": 24, - "Complexity": 10, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 494, - "CodeBytes": 0, - "Lines": 18, - "Code": 17, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 65, - "CodeBytes": 0, - "Lines": 4, - "Code": 3, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4436, - "CodeBytes": 0, - "Lines": 109, - "Code": 66, - "Comment": 0, - "Blank": 43, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4617.772929669622, - "estimatedScheduleMonths_low": 1.8454878896925284, - "estimatedPeople_low": 0.24376473760178136, - "estimatedCost_high": 14390.99728304101, - "estimatedScheduleMonths_high": 1.8454878896925284, - "estimatedPeople_high": 0.24376473760178136, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 3 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nRuby 3 139 24 1 114 10\n(ULOC) 86\n-------------------------------------------------------------------------------\nYAML 2 18 1 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nGemfile 1 4 1 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nMarkdown 1 109 43 0 66 0\n(ULOC) 63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 273 69 1 203 10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 171\nDRYness % 0.63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $5,063\nEstimated Schedule Effort (organic) 1.85 months\nEstimated People Required (organic) 0.24\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 25639 bytes, 0.026 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Ruby": 4598 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/9 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 16111, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 4533, + "CodeBytes": 0, + "Lines": 139, + "Code": 114, + "Comment": 1, + "Blank": 24, + "Complexity": 10, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 494, + "CodeBytes": 0, + "Lines": 18, + "Code": 17, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 65, + "CodeBytes": 0, + "Lines": 4, + "Code": 3, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4436, + "CodeBytes": 0, + "Lines": 109, + "Code": 66, + "Comment": 0, + "Blank": 43, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4617.772929669622, + "estimatedScheduleMonths_low": 1.8454878896925284, + "estimatedPeople_low": 0.24376473760178136, + "estimatedCost_high": 14390.99728304101, + "estimatedScheduleMonths_high": 1.8454878896925284, + "estimatedPeople_high": 0.24376473760178136, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 3 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nRuby 3 139 24 1 114 10\n(ULOC) 86\n-------------------------------------------------------------------------------\nYAML 2 18 1 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nGemfile 1 4 1 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nMarkdown 1 109 43 0 66 0\n(ULOC) 63\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 273 69 1 203 10\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 171\nDRYness % 0.63\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,063\nEstimated Schedule Effort (organic) 1.85 months\nEstimated People Required (organic) 0.24\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25639 bytes, 0.026 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 4598 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/batcave-website/batcave-website_data.json b/app/site/_data/CMSgov/batcave-website/batcave-website_data.json index 3e2d555783..35b12bccc4 100644 --- a/app/site/_data/CMSgov/batcave-website/batcave-website_data.json +++ b/app/site/_data/CMSgov/batcave-website/batcave-website_data.json @@ -1,258 +1,258 @@ { - "url": "https://github.com/CMSgov/batcave-website", - "owner": "CMSgov", - "name": "batcave-website", - "description": "Public website landing page for the BATcave kubernetes project", - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 3, - "average_project_lines": 3, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 1, - "average_blank_lines": 1, - "commits_by_month": { - "2021/4": 1 + "url": "https://github.com/CMSgov/batcave-website", + "owner": "CMSgov", + "name": "batcave-website", + "description": "Public website landing page for the BATcave kubernetes project", + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 3, + "average_project_lines": 3, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 1, + "average_blank_lines": 1, + "commits_by_month": { + "2021/4": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2021-04-15T12:54:41Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:27Z", + "repo": { + "name": "github.com/CMSgov/batcave-website", + "commit": "1267f9ba8744b8766174867446e8d1574b0f56c8" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2021-04-15T12:54:41Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:27Z", - "repo": { - "name": "github.com/CMSgov/batcave-website", - "commit": "1267f9ba8744b8766174867446e8d1574b0f56c8" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 151, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 36.11130880546491, - "estimatedScheduleMonths_low": 0.2920997927220065, - "estimatedPeople_low": 0.01204374324362692, - "estimatedCost_high": 112.53861002292302, - "estimatedScheduleMonths_high": 0.2920997927220065, - "estimatedPeople_high": 0.01204374324362692, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 1 3 1 0 2 0\n(ULOC) 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1 3 1 0 2 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3\nDRYness % 1.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $39\nEstimated Schedule Effort (organic) 0.29 months\nEstimated People Required (organic) 0.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 151 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 151, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 36.11130880546491, + "estimatedScheduleMonths_low": 0.2920997927220065, + "estimatedPeople_low": 0.01204374324362692, + "estimatedCost_high": 112.53861002292302, + "estimatedScheduleMonths_high": 0.2920997927220065, + "estimatedPeople_high": 0.01204374324362692, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 1 3 1 0 2 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 1 3 1 0 2 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3\nDRYness % 1.00\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $39\nEstimated Schedule Effort (organic) 0.29 months\nEstimated People Required (organic) 0.01\n───────────────────────────────────────────────────────────────────────────────\nProcessed 151 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/bcda-app/bcda-app_data.json b/app/site/_data/CMSgov/bcda-app/bcda-app_data.json index 1b0f50f14e..62cbd5b89e 100644 --- a/app/site/_data/CMSgov/bcda-app/bcda-app_data.json +++ b/app/site/_data/CMSgov/bcda-app/bcda-app_data.json @@ -1,496 +1,496 @@ { - "url": "https://github.com/CMSgov/bcda-app", - "owner": "CMSgov", - "name": "bcda-app", - "description": "Beneficiary Claims Data API", - "commits_count": 947, - "issues_count": 7, - "open_issues_count": 0, - "closed_issues_count": 7, - "pull_requests_count": 1044, - "open_pull_requests_count": 7, - "merged_pull_requests_count": 950, - "closed_pull_requests_count": 87, - "forks_count": 15, - "stargazers_count": 47, - "watchers_count": 24, - "total_project_lines": 126632, - "average_project_lines": 331, - "total_project_comment_lines": 3627, - "average_project_comment_lines": 9, - "total_project_blank_lines": 7094, - "average_blank_lines": 19, - "commits_by_month": { - "2025/2": 12, - "2025/1": 13, - "2024/12": 5 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-09-26T05:00:00.000Z", - 1 - ], - [ - "2024-10-04T05:00:00.000Z", - 1 - ], - [ - "2024-10-08T05:00:00.000Z", - 1 - ], - [ - "2024-10-09T05:00:00.000Z", - 1 - ], - [ - "2024-12-17T06:00:00.000Z", - 2 - ] + "url": "https://github.com/CMSgov/bcda-app", + "owner": "CMSgov", + "name": "bcda-app", + "description": "Beneficiary Claims Data API", + "commits_count": 947, + "issues_count": 7, + "open_issues_count": 0, + "closed_issues_count": 7, + "pull_requests_count": 1044, + "open_pull_requests_count": 7, + "merged_pull_requests_count": 950, + "closed_pull_requests_count": 87, + "forks_count": 15, + "stargazers_count": 47, + "watchers_count": 24, + "total_project_lines": 126632, + "average_project_lines": 331, + "total_project_comment_lines": 3627, + "average_project_comment_lines": 9, + "total_project_blank_lines": 7094, + "average_blank_lines": 19, + "commits_by_month": { + "2025/2": 12, + "2025/1": 13, + "2024/12": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2018-07-20T15:04:55Z", - "ossf_scorecard": { - "date": "2025-02-23T16:34:59Z", - "repo": { - "name": "github.com/CMSgov/bcda-app", - "commit": "a3d7d81b7ab754c0232db1f65a887bf6f2321155" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 11 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 5, - "reason": "5 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Go", - "Bytes": 1345482, - "CodeBytes": 0, - "Lines": 42815, - "Code": 33583, - "Comment": 2853, - "Blank": 6379, - "Complexity": 4804, - "Count": 200, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 13227942, - "CodeBytes": 0, - "Lines": 155419, - "Code": 154298, - "Comment": 570, - "Blank": 551, - "Complexity": 9, - "Count": 86, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 72622, - "CodeBytes": 0, - "Lines": 2120, - "Code": 1964, - "Comment": 47, - "Blank": 109, - "Complexity": 0, - "Count": 42, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 39811, - "CodeBytes": 0, - "Lines": 1016, - "Code": 701, - "Comment": 0, - "Blank": 315, - "Complexity": 0, - "Count": 26, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 663601, - "CodeBytes": 0, - "Lines": 15791, - "Code": 15788, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 22, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 123078, - "CodeBytes": 0, - "Lines": 1262, - "Code": 1181, - "Comment": 81, - "Blank": 0, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 13622, - "CodeBytes": 0, - "Lines": 364, - "Code": 258, - "Comment": 50, - "Blank": 56, - "Complexity": 48, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 3923, - "CodeBytes": 0, - "Lines": 24, - "Code": 24, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 2410, - "CodeBytes": 0, - "Lines": 102, - "Code": 66, - "Comment": 23, - "Blank": 13, - "Complexity": 7, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 262, - "CodeBytes": 0, - "Lines": 13, - "Code": 13, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 914, - "CodeBytes": 0, - "Lines": 21, - "Code": 21, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 13854, - "CodeBytes": 0, - "Lines": 243, - "Code": 164, - "Comment": 33, - "Blank": 46, - "Complexity": 5, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 1517, - "CodeBytes": 0, - "Lines": 60, - "Code": 47, - "Comment": 0, - "Blank": 13, - "Complexity": 4, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 6695457.9398439545, - "estimatedScheduleMonths_low": 29.33751539318169, - "estimatedPeople_low": 22.233429811520473, - "estimatedCost_high": 20865971.213509485, - "estimatedScheduleMonths_high": 29.33751539318169, - "estimatedPeople_high": 22.233429811520473, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nGo 200 42815 6379 2853 33583 4804\n(ULOC) 17950\n-------------------------------------------------------------------------------\nSQL 86 155419 551 570 154298 9\n(ULOC) 113451\n-------------------------------------------------------------------------------\nYAML 42 2120 109 47 1964 0\n(ULOC) 867\n-------------------------------------------------------------------------------\nMarkdown 26 1016 315 0 701 0\n(ULOC) 445\n-------------------------------------------------------------------------------\nJSON 22 15791 3 0 15788 0\n(ULOC) 2471\n-------------------------------------------------------------------------------\nSVG 14 1262 0 81 1181 0\n(ULOC) 1037\n-------------------------------------------------------------------------------\nShell 10 364 56 50 258 48\n(ULOC) 239\n-------------------------------------------------------------------------------\nCSV 7 24 0 0 24 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nBASH 1 102 13 23 66 7\n(ULOC) 77\n-------------------------------------------------------------------------------\nDocker ignore 1 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nJavaScript 1 21 0 0 21 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nMakefile 1 243 46 33 164 5\n(ULOC) 181\n-------------------------------------------------------------------------------\nPython 1 60 13 0 47 4\n(ULOC) 44\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 413 219259 7487 3657 208115 4877\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 136774\nDRYness % 0.62\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $7,341,991\nEstimated Schedule Effort (organic) 29.34 months\nEstimated People Required (organic) 22.23\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 15509420 bytes, 15.509 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-18T05:00:00.000Z", + 1 + ], + [ + "2024-09-26T05:00:00.000Z", + 1 + ], + [ + "2024-10-04T05:00:00.000Z", + 1 + ], + [ + "2024-10-08T05:00:00.000Z", + 1 + ], + [ + "2024-10-09T05:00:00.000Z", + 1 + ], + [ + "2024-12-17T06:00:00.000Z", + 2 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2018-07-20T15:04:55Z", + "ossf_scorecard": { + "date": "2025-02-23T16:34:59Z", + "repo": { + "name": "github.com/CMSgov/bcda-app", + "commit": "a3d7d81b7ab754c0232db1f65a887bf6f2321155" }, - "predominant_langs": { - "PLpgSQL": 1665233, - "Go": 1344413, - "Shell": 16032, - "Makefile": 13854, - "Python": 1517, - "JavaScript": 914 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "bcda-app", - "625 days 35:09:56.428571" - ] + "score": 6.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 11 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 5, + "reason": "5 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Go", + "Bytes": 1371892, + "CodeBytes": 0, + "Lines": 43841, + "Code": 34402, + "Comment": 2872, + "Blank": 6567, + "Complexity": 4956, + "Count": 208, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 13227942, + "CodeBytes": 0, + "Lines": 155419, + "Code": 154298, + "Comment": 570, + "Blank": 551, + "Complexity": 9, + "Count": 86, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 90196, + "CodeBytes": 0, + "Lines": 2617, + "Code": 2421, + "Comment": 54, + "Blank": 142, + "Complexity": 0, + "Count": 54, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 41186, + "CodeBytes": 0, + "Lines": 1028, + "Code": 709, + "Comment": 0, + "Blank": 319, + "Complexity": 0, + "Count": 28, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 663601, + "CodeBytes": 0, + "Lines": 15791, + "Code": 15788, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 22, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 123078, + "CodeBytes": 0, + "Lines": 1262, + "Code": 1181, + "Comment": 81, + "Blank": 0, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 13622, + "CodeBytes": 0, + "Lines": 364, + "Code": 258, + "Comment": 50, + "Blank": 56, + "Complexity": 48, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 3923, + "CodeBytes": 0, + "Lines": 24, + "Code": 24, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 2410, + "CodeBytes": 0, + "Lines": 102, + "Code": 66, + "Comment": 23, + "Blank": 13, + "Complexity": 7, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 262, + "CodeBytes": 0, + "Lines": 13, + "Code": 13, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 914, + "CodeBytes": 0, + "Lines": 21, + "Code": 21, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 13854, + "CodeBytes": 0, + "Lines": 243, + "Code": 164, + "Comment": 33, + "Blank": 46, + "Complexity": 5, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 1517, + "CodeBytes": 0, + "Lines": 60, + "Code": 47, + "Comment": 0, + "Blank": 13, + "Complexity": 4, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 6738838.79174538, + "estimatedScheduleMonths_low": 29.40960200099209, + "estimatedPeople_low": 22.322633450290887, + "estimatedCost_high": 21001164.89482679, + "estimatedScheduleMonths_high": 29.40960200099209, + "estimatedPeople_high": 22.322633450290887, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGo 208 43841 6567 2872 34402 4956\n(ULOC) 18261\n-------------------------------------------------------------------------------\nSQL 86 155419 551 570 154298 9\n(ULOC) 113451\n-------------------------------------------------------------------------------\nYAML 54 2617 142 54 2421 0\n(ULOC) 969\n-------------------------------------------------------------------------------\nMarkdown 28 1028 319 0 709 0\n(ULOC) 451\n-------------------------------------------------------------------------------\nJSON 22 15791 3 0 15788 0\n(ULOC) 2471\n-------------------------------------------------------------------------------\nSVG 14 1262 0 81 1181 0\n(ULOC) 1037\n-------------------------------------------------------------------------------\nShell 10 364 56 50 258 48\n(ULOC) 239\n-------------------------------------------------------------------------------\nCSV 7 24 0 0 24 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nBASH 1 102 13 23 66 7\n(ULOC) 77\n-------------------------------------------------------------------------------\nDocker ignore 1 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nJavaScript 1 21 0 0 21 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nMakefile 1 243 46 33 164 5\n(ULOC) 181\n-------------------------------------------------------------------------------\nPython 1 60 13 0 47 4\n(ULOC) 44\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 435 220794 7712 3683 209399 5029\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 137193\nDRYness % 0.62\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $7,389,561\nEstimated Schedule Effort (organic) 29.41 months\nEstimated People Required (organic) 22.32\n───────────────────────────────────────────────────────────────────────────────\nProcessed 15554779 bytes, 15.555 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "PLpgSQL": 1665233, + "Go": 1344413, + "Shell": 16032, + "Makefile": 13854, + "Python": 1517, + "JavaScript": 914 + }, + "average_issue_resolution_time": [ + [ + "bcda-app", + "625 days 35:09:56.428571" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/bcda-ssas-app/bcda-ssas-app_data.json b/app/site/_data/CMSgov/bcda-ssas-app/bcda-ssas-app_data.json index 36bc476f8b..90aae2e3fc 100644 --- a/app/site/_data/CMSgov/bcda-ssas-app/bcda-ssas-app_data.json +++ b/app/site/_data/CMSgov/bcda-ssas-app/bcda-ssas-app_data.json @@ -1,480 +1,480 @@ { - "url": "https://github.com/CMSgov/bcda-ssas-app", - "owner": "CMSgov", - "name": "bcda-ssas-app", - "description": "SSAS component of BCDA application", - "commits_count": 176, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 202, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 175, - "closed_pull_requests_count": 26, - "forks_count": 1, - "stargazers_count": 7, - "watchers_count": 21, - "total_project_lines": 18102, - "average_project_lines": 199, - "total_project_comment_lines": 854, - "average_project_comment_lines": 9, - "total_project_blank_lines": 2011, - "average_blank_lines": 22, - "commits_by_month": { - "2025/2": 2, - "2025/1": 3, - "2024/12": 3, - "2024/11": 3, - "2024/10": 2, - "2024/9": 3, - "2024/8": 1, - "2024/7": 6, - "2024/6": 1, - "2024/5": 3, - "2024/3": 3 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-09-26T05:00:00.000Z", - 1 - ], - [ - "2024-10-01T05:00:00.000Z", - 1 - ], - [ - "2024-11-13T06:00:00.000Z", - 2 - ], - [ - "2024-12-23T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/bcda-ssas-app", + "owner": "CMSgov", + "name": "bcda-ssas-app", + "description": "SSAS component of BCDA application", + "commits_count": 176, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 202, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 175, + "closed_pull_requests_count": 26, + "forks_count": 1, + "stargazers_count": 7, + "watchers_count": 21, + "total_project_lines": 18102, + "average_project_lines": 199, + "total_project_comment_lines": 854, + "average_project_comment_lines": 9, + "total_project_blank_lines": 2011, + "average_blank_lines": 22, + "commits_by_month": { + "2025/2": 2, + "2025/1": 3, + "2024/12": 3, + "2024/11": 3, + "2024/10": 2, + "2024/9": 3, + "2024/8": 1, + "2024/7": 6, + "2024/6": 1, + "2024/5": 3, + "2024/3": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-20T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2019-09-25T14:59:52Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:59Z", - "repo": { - "name": "github.com/CMSgov/bcda-ssas-app", - "commit": "02de50c93b2673f84f01ea1792e4cb1d60d52e6c" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 9, - "reason": "29 out of 30 merged PRs checked by a CI test -- score normalized to 9", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 6 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 6, - "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 2, - "reason": "dependency not pinned by hash detected -- score normalized to 2", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Go", - "Bytes": 405011, - "CodeBytes": 0, - "Lines": 12528, - "Code": 9803, - "Comment": 792, - "Blank": 1933, - "Complexity": 1237, - "Count": 55, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 10495, - "CodeBytes": 0, - "Lines": 327, - "Code": 287, - "Comment": 0, - "Blank": 40, - "Complexity": 2, - "Count": 18, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 38663, - "CodeBytes": 0, - "Lines": 658, - "Code": 461, - "Comment": 0, - "Blank": 197, - "Complexity": 0, - "Count": 17, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 20958, - "CodeBytes": 0, - "Lines": 589, - "Code": 542, - "Comment": 16, - "Blank": 31, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 105525, - "CodeBytes": 0, - "Lines": 1057, - "Code": 989, - "Comment": 68, - "Blank": 0, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1438153, - "CodeBytes": 0, - "Lines": 4992, - "Code": 4991, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 7324, - "CodeBytes": 0, - "Lines": 231, - "Code": 165, - "Comment": 21, - "Blank": 45, - "Complexity": 31, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1997595, - "CodeBytes": 0, - "Lines": 116, - "Code": 51, - "Comment": 65, - "Blank": 0, - "Complexity": 201, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 3742, - "CodeBytes": 0, - "Lines": 127, - "Code": 114, - "Comment": 1, - "Blank": 12, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 153754, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 1, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 4409, - "CodeBytes": 0, - "Lines": 84, - "Code": 60, - "Comment": 7, - "Blank": 17, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 1521, - "CodeBytes": 0, - "Lines": 60, - "Code": 47, - "Comment": 0, - "Blank": 13, - "Complexity": 4, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 498019.68806932174, - "estimatedScheduleMonths_low": 10.92900176906995, - "estimatedPeople_low": 4.439310516710655, - "estimatedCost_high": 1552046.8604807085, - "estimatedScheduleMonths_high": 10.92900176906995, - "estimatedPeople_high": 4.439310516710655, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nGo 55 12528 1933 792 9803 1237\n(ULOC) 5129\n-------------------------------------------------------------------------------\nSQL 18 327 40 0 287 2\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 17 658 197 0 461 0\n(ULOC) 314\n-------------------------------------------------------------------------------\nYAML 14 589 31 16 542 0\n(ULOC) 333\n-------------------------------------------------------------------------------\nSVG 10 1057 0 68 989 0\n(ULOC) 803\n-------------------------------------------------------------------------------\nJSON 7 4992 1 0 4991 0\n(ULOC) 749\n-------------------------------------------------------------------------------\nShell 4 231 45 21 165 31\n(ULOC) 142\n-------------------------------------------------------------------------------\nJavaScript 3 116 0 65 51 201\n(ULOC) 76\n-------------------------------------------------------------------------------\nHTML 2 127 12 1 114 0\n(ULOC) 101\n-------------------------------------------------------------------------------\nCSS 1 3 0 1 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nMakefile 1 84 17 7 60 0\n(ULOC) 66\n-------------------------------------------------------------------------------\nPython 1 60 13 0 47 4\n(ULOC) 43\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 134 20781 2291 971 17519 1475\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 7906\nDRYness % 0.38\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $546,109\nEstimated Schedule Effort (organic) 10.93 months\nEstimated People Required (organic) 4.44\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 4187532 bytes, 4.188 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-23T05:00:00.000Z", + 1 + ], + [ + "2024-09-26T05:00:00.000Z", + 1 + ], + [ + "2024-10-01T05:00:00.000Z", + 1 + ], + [ + "2024-11-13T06:00:00.000Z", + 2 + ], + [ + "2024-12-23T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2019-09-25T14:59:52Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:59Z", + "repo": { + "name": "github.com/CMSgov/bcda-ssas-app", + "commit": "02de50c93b2673f84f01ea1792e4cb1d60d52e6c" }, - "predominant_langs": { - "Go": 403527, - "PLpgSQL": 10479, - "Shell": 7324, - "Makefile": 4409, - "HTML": 3742, - "Python": 1521 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 6.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 9, + "reason": "29 out of 30 merged PRs checked by a CI test -- score normalized to 9", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 6 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 6, + "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 2, + "reason": "dependency not pinned by hash detected -- score normalized to 2", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Go", + "Bytes": 405011, + "CodeBytes": 0, + "Lines": 12528, + "Code": 9803, + "Comment": 792, + "Blank": 1933, + "Complexity": 1237, + "Count": 55, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 10495, + "CodeBytes": 0, + "Lines": 327, + "Code": 287, + "Comment": 0, + "Blank": 40, + "Complexity": 2, + "Count": 18, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 38663, + "CodeBytes": 0, + "Lines": 658, + "Code": 461, + "Comment": 0, + "Blank": 197, + "Complexity": 0, + "Count": 17, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 20958, + "CodeBytes": 0, + "Lines": 589, + "Code": 542, + "Comment": 16, + "Blank": 31, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 105525, + "CodeBytes": 0, + "Lines": 1057, + "Code": 989, + "Comment": 68, + "Blank": 0, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1438153, + "CodeBytes": 0, + "Lines": 4992, + "Code": 4991, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 7324, + "CodeBytes": 0, + "Lines": 231, + "Code": 165, + "Comment": 21, + "Blank": 45, + "Complexity": 31, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1997595, + "CodeBytes": 0, + "Lines": 116, + "Code": 51, + "Comment": 65, + "Blank": 0, + "Complexity": 201, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 3742, + "CodeBytes": 0, + "Lines": 127, + "Code": 114, + "Comment": 1, + "Blank": 12, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 153754, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 1, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 4409, + "CodeBytes": 0, + "Lines": 84, + "Code": 60, + "Comment": 7, + "Blank": 17, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 1521, + "CodeBytes": 0, + "Lines": 60, + "Code": 47, + "Comment": 0, + "Blank": 13, + "Complexity": 4, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 498019.68806932174, + "estimatedScheduleMonths_low": 10.92900176906995, + "estimatedPeople_low": 4.439310516710655, + "estimatedCost_high": 1552046.8604807085, + "estimatedScheduleMonths_high": 10.92900176906995, + "estimatedPeople_high": 4.439310516710655, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGo 55 12528 1933 792 9803 1237\n(ULOC) 5129\n-------------------------------------------------------------------------------\nSQL 18 327 40 0 287 2\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 17 658 197 0 461 0\n(ULOC) 314\n-------------------------------------------------------------------------------\nYAML 14 589 31 16 542 0\n(ULOC) 333\n-------------------------------------------------------------------------------\nSVG 10 1057 0 68 989 0\n(ULOC) 803\n-------------------------------------------------------------------------------\nJSON 7 4992 1 0 4991 0\n(ULOC) 749\n-------------------------------------------------------------------------------\nShell 4 231 45 21 165 31\n(ULOC) 142\n-------------------------------------------------------------------------------\nJavaScript 3 116 0 65 51 201\n(ULOC) 76\n-------------------------------------------------------------------------------\nHTML 2 127 12 1 114 0\n(ULOC) 101\n-------------------------------------------------------------------------------\nCSS 1 3 0 1 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nMakefile 1 84 17 7 60 0\n(ULOC) 66\n-------------------------------------------------------------------------------\nPython 1 60 13 0 47 4\n(ULOC) 43\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 134 20781 2291 971 17519 1475\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 7906\nDRYness % 0.38\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $546,109\nEstimated Schedule Effort (organic) 10.93 months\nEstimated People Required (organic) 4.44\n───────────────────────────────────────────────────────────────────────────────\nProcessed 4187532 bytes, 4.188 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Go": 403527, + "PLpgSQL": 10479, + "Shell": 7324, + "Makefile": 4409, + "HTML": 3742, + "Python": 1521 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/bcda-static-site/bcda-static-site_data.json b/app/site/_data/CMSgov/bcda-static-site/bcda-static-site_data.json index 9e2c124920..77de05f375 100644 --- a/app/site/_data/CMSgov/bcda-static-site/bcda-static-site_data.json +++ b/app/site/_data/CMSgov/bcda-static-site/bcda-static-site_data.json @@ -1,562 +1,562 @@ { - "url": "https://github.com/CMSgov/bcda-static-site", - "owner": "CMSgov", - "name": "bcda-static-site", - "description": "Informational site for BCDA", - "commits_count": 229, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 223, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 198, - "closed_pull_requests_count": 25, - "forks_count": 1, - "stargazers_count": 7, - "watchers_count": 18, - "total_project_lines": 155687, - "average_project_lines": 65, - "total_project_comment_lines": 9718, - "average_project_comment_lines": 4, - "total_project_blank_lines": 11758, - "average_blank_lines": 5, - "commits_by_month": { - "2025/2": 1, - "2025/1": 2, - "2024/12": 4, - "2024/11": 5, - "2024/10": 1, - "2024/9": 1, - "2024/8": 3, - "2024/7": 1, - "2024/6": 3, - "2024/5": 4, - "2024/4": 5 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-19T05:00:00.000Z", - 1 - ], - [ - "2024-10-30T05:00:00.000Z", - 1 - ], - [ - "2024-11-07T06:00:00.000Z", - 1 - ], - [ - "2024-11-20T06:00:00.000Z", - 1 - ], - [ - "2024-12-23T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/bcda-static-site", + "owner": "CMSgov", + "name": "bcda-static-site", + "description": "Informational site for BCDA", + "commits_count": 229, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 223, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 198, + "closed_pull_requests_count": 25, + "forks_count": 1, + "stargazers_count": 7, + "watchers_count": 18, + "total_project_lines": 155687, + "average_project_lines": 65, + "total_project_comment_lines": 9718, + "average_project_comment_lines": 4, + "total_project_blank_lines": 11758, + "average_blank_lines": 5, + "commits_by_month": { + "2025/2": 1, + "2025/1": 2, + "2024/12": 4, + "2024/11": 5, + "2024/10": 1, + "2024/9": 1, + "2024/8": 3, + "2024/7": 1, + "2024/6": 3, + "2024/5": 4, + "2024/4": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-19T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2019-07-18T16:03:39Z", - "ossf_scorecard": { - "date": "2025-02-23T16:38:12Z", - "repo": { - "name": "github.com/CMSgov/bcda-static-site", - "commit": "6bb6f2d3bf9048c2d6029709359ce74972a16438" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 8 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 5, - "reason": "6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "129 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 3004052, - "CodeBytes": 0, - "Lines": 79396, - "Code": 67077, - "Comment": 5480, - "Blank": 6839, - "Complexity": 7516, - "Count": 1762, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 258912, - "CodeBytes": 0, - "Lines": 5719, - "Code": 5359, - "Comment": 40, - "Blank": 320, - "Complexity": 0, - "Count": 164, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 211702, - "CodeBytes": 0, - "Lines": 8196, - "Code": 4571, - "Comment": 2626, - "Blank": 999, - "Complexity": 0, - "Count": 145, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSX", - "Bytes": 280260, - "CodeBytes": 0, - "Lines": 9579, - "Code": 7109, - "Comment": 1260, - "Blank": 1210, - "Complexity": 349, - "Count": 82, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 9336141, - "CodeBytes": 0, - "Lines": 40246, - "Code": 40033, - "Comment": 28, - "Blank": 185, - "Complexity": 44, - "Count": 63, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 280810, - "CodeBytes": 0, - "Lines": 400, - "Code": 197, - "Comment": 129, - "Blank": 74, - "Complexity": 0, - "Count": 52, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 391980, - "CodeBytes": 0, - "Lines": 8445, - "Code": 6522, - "Comment": 0, - "Blank": 1923, - "Complexity": 0, - "Count": 49, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 56221, - "CodeBytes": 0, - "Lines": 1993, - "Code": 1993, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 32, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 20383, - "CodeBytes": 0, - "Lines": 407, - "Code": 324, - "Comment": 0, - "Blank": 83, - "Complexity": 0, - "Count": 18, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 10897, - "CodeBytes": 0, - "Lines": 332, - "Code": 293, - "Comment": 21, - "Blank": 18, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 15863, - "CodeBytes": 0, - "Lines": 482, - "Code": 387, - "Comment": 49, - "Blank": 46, - "Complexity": 24, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "LiveScript", - "Bytes": 4803, - "CodeBytes": 0, - "Lines": 148, - "Code": 85, - "Comment": 55, - "Blank": 8, - "Complexity": 20, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 4002, - "CodeBytes": 0, - "Lines": 151, - "Code": 115, - "Comment": 7, - "Blank": 29, - "Complexity": 12, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Flow9", - "Bytes": 8571, - "CodeBytes": 0, - "Lines": 248, - "Code": 231, - "Comment": 8, - "Blank": 9, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 1036, - "CodeBytes": 0, - "Lines": 30, - "Code": 8, - "Comment": 15, - "Blank": 7, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 1525, - "CodeBytes": 0, - "Lines": 60, - "Code": 47, - "Comment": 0, - "Blank": 13, - "Complexity": 4, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4229007.357169661, - "estimatedScheduleMonths_low": 24.637544924325724, - "estimatedPeople_low": 16.722088575826376, - "estimatedCost_high": 13179433.963926679, - "estimatedScheduleMonths_high": 24.637544924325724, - "estimatedPeople_high": 16.722088575826376, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 1762 79396 6839 5480 67077 7516\n(ULOC) 18225\n-------------------------------------------------------------------------------\nHTML 164 5719 320 40 5359 0\n(ULOC) 2766\n-------------------------------------------------------------------------------\nSass 145 8196 999 2626 4571 0\n(ULOC) 3882\n-------------------------------------------------------------------------------\nJSX 82 9579 1210 1260 7109 349\n(ULOC) 4567\n-------------------------------------------------------------------------------\nSVG 63 40246 185 28 40033 44\n(ULOC) 18257\n-------------------------------------------------------------------------------\nCSS 52 400 74 129 197 0\n(ULOC) 211\n-------------------------------------------------------------------------------\nMarkdown 49 8445 1923 0 6522 0\n(ULOC) 5216\n-------------------------------------------------------------------------------\nJSON 32 1993 0 0 1993 0\n(ULOC) 1093\n-------------------------------------------------------------------------------\nLicense 18 407 83 0 324 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nYAML 13 332 18 21 293 0\n(ULOC) 255\n-------------------------------------------------------------------------------\nTypeScript Typings 4 482 46 49 387 24\n(ULOC) 333\n-------------------------------------------------------------------------------\nLiveScript 2 148 8 55 85 20\n(ULOC) 132\n-------------------------------------------------------------------------------\nShell 2 151 29 7 115 12\n(ULOC) 99\n-------------------------------------------------------------------------------\nFlow9 1 248 9 8 231 0\n(ULOC) 192\n-------------------------------------------------------------------------------\nGemfile 1 30 7 15 8 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nPython 1 60 13 0 47 4\n(ULOC) 44\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2392 155841 11765 9718 134358 7969\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 54437\nDRYness % 0.35\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $4,637,373\nEstimated Schedule Effort (organic) 24.64 months\nEstimated People Required (organic) 16.72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 13887540 bytes, 13.888 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-10-30T05:00:00.000Z", + 1 + ], + [ + "2024-11-07T06:00:00.000Z", + 1 + ], + [ + "2024-11-20T06:00:00.000Z", + 1 + ], + [ + "2024-12-23T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2019-07-18T16:03:39Z", + "ossf_scorecard": { + "date": "2025-02-23T16:38:12Z", + "repo": { + "name": "github.com/CMSgov/bcda-static-site", + "commit": "6bb6f2d3bf9048c2d6029709359ce74972a16438" }, - "predominant_langs": { - "HTML": 194428, - "SCSS": 38114, - "JavaScript": 4981, - "Shell": 4002, - "Python": 1525, - "Ruby": 1036 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "bcda-static-site", - "14 days 12:03:00" - ] + "score": 5.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 8 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 5, + "reason": "6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "129 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 3004052, + "CodeBytes": 0, + "Lines": 79396, + "Code": 67077, + "Comment": 5480, + "Blank": 6839, + "Complexity": 7516, + "Count": 1762, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 258912, + "CodeBytes": 0, + "Lines": 5719, + "Code": 5359, + "Comment": 40, + "Blank": 320, + "Complexity": 0, + "Count": 164, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 211702, + "CodeBytes": 0, + "Lines": 8196, + "Code": 4571, + "Comment": 2626, + "Blank": 999, + "Complexity": 0, + "Count": 145, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSX", + "Bytes": 280260, + "CodeBytes": 0, + "Lines": 9579, + "Code": 7109, + "Comment": 1260, + "Blank": 1210, + "Complexity": 349, + "Count": 82, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 9336141, + "CodeBytes": 0, + "Lines": 40246, + "Code": 40033, + "Comment": 28, + "Blank": 185, + "Complexity": 44, + "Count": 63, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 280810, + "CodeBytes": 0, + "Lines": 400, + "Code": 197, + "Comment": 129, + "Blank": 74, + "Complexity": 0, + "Count": 52, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 391980, + "CodeBytes": 0, + "Lines": 8445, + "Code": 6522, + "Comment": 0, + "Blank": 1923, + "Complexity": 0, + "Count": 49, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 56221, + "CodeBytes": 0, + "Lines": 1993, + "Code": 1993, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 32, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 20383, + "CodeBytes": 0, + "Lines": 407, + "Code": 324, + "Comment": 0, + "Blank": 83, + "Complexity": 0, + "Count": 18, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 11979, + "CodeBytes": 0, + "Lines": 359, + "Code": 319, + "Comment": 23, + "Blank": 17, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 15863, + "CodeBytes": 0, + "Lines": 482, + "Code": 387, + "Comment": 49, + "Blank": 46, + "Complexity": 24, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "LiveScript", + "Bytes": 4803, + "CodeBytes": 0, + "Lines": 148, + "Code": 85, + "Comment": 55, + "Blank": 8, + "Complexity": 20, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 4002, + "CodeBytes": 0, + "Lines": 151, + "Code": 115, + "Comment": 7, + "Blank": 29, + "Complexity": 12, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Flow9", + "Bytes": 8571, + "CodeBytes": 0, + "Lines": 248, + "Code": 231, + "Comment": 8, + "Blank": 9, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 1036, + "CodeBytes": 0, + "Lines": 30, + "Code": 8, + "Comment": 15, + "Blank": 7, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 1525, + "CodeBytes": 0, + "Lines": 60, + "Code": 47, + "Comment": 0, + "Blank": 13, + "Complexity": 4, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4229866.646972665, + "estimatedScheduleMonths_low": 24.639447118686093, + "estimatedPeople_low": 16.724195101038408, + "estimatedCost_high": 13182111.88625173, + "estimatedScheduleMonths_high": 24.639447118686093, + "estimatedPeople_high": 16.724195101038408, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 1762 79396 6839 5480 67077 7516\n(ULOC) 18225\n-------------------------------------------------------------------------------\nHTML 164 5719 320 40 5359 0\n(ULOC) 2766\n-------------------------------------------------------------------------------\nSass 145 8196 999 2626 4571 0\n(ULOC) 3882\n-------------------------------------------------------------------------------\nJSX 82 9579 1210 1260 7109 349\n(ULOC) 4567\n-------------------------------------------------------------------------------\nSVG 63 40246 185 28 40033 44\n(ULOC) 18257\n-------------------------------------------------------------------------------\nCSS 52 400 74 129 197 0\n(ULOC) 211\n-------------------------------------------------------------------------------\nMarkdown 49 8445 1923 0 6522 0\n(ULOC) 5216\n-------------------------------------------------------------------------------\nJSON 32 1993 0 0 1993 0\n(ULOC) 1093\n-------------------------------------------------------------------------------\nLicense 18 407 83 0 324 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nYAML 13 359 17 23 319 0\n(ULOC) 273\n-------------------------------------------------------------------------------\nTypeScript Typings 4 482 46 49 387 24\n(ULOC) 333\n-------------------------------------------------------------------------------\nLiveScript 2 148 8 55 85 20\n(ULOC) 132\n-------------------------------------------------------------------------------\nShell 2 151 29 7 115 12\n(ULOC) 99\n-------------------------------------------------------------------------------\nFlow9 1 248 9 8 231 0\n(ULOC) 192\n-------------------------------------------------------------------------------\nGemfile 1 30 7 15 8 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nPython 1 60 13 0 47 4\n(ULOC) 44\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 2392 155868 11764 9720 134384 7969\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 54455\nDRYness % 0.35\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,638,315\nEstimated Schedule Effort (organic) 24.64 months\nEstimated People Required (organic) 16.72\n───────────────────────────────────────────────────────────────────────────────\nProcessed 13888622 bytes, 13.889 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HTML": 194428, + "SCSS": 38114, + "JavaScript": 4981, + "Shell": 4002, + "Python": 1525, + "Ruby": 1036 + }, + "average_issue_resolution_time": [ + [ + "bcda-static-site", + "14 days 12:03:00" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@cmsgov/design-system-core", + 0.0, + "2025-03-01T19:06:01.000" + ], + [ + "@cmsgov/design-system-layout", + 0.0, + "2025-03-01T19:06:01.000" + ], + [ + "normalize.css", + 0.0, + "2025-03-01T19:06:01.000" ], - "repo_dependency_libyear_list": [ - [ - "@cmsgov/design-system-core", - 0.0, - "2025-03-01T19:06:01.000" - ], - [ - "@cmsgov/design-system-layout", - 0.0, - "2025-03-01T19:06:01.000" - ], - [ - "normalize.css", - 0.0, - "2025-03-01T19:06:01.000" - ], - [ - "svg4everybody", - 0.0, - "2025-03-01T19:06:01.000" - ] + [ + "svg4everybody", + 0.0, + "2025-03-01T19:06:01.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/beneficiary-fhir-data/beneficiary-fhir-data_data.json b/app/site/_data/CMSgov/beneficiary-fhir-data/beneficiary-fhir-data_data.json index eaee9820b2..330d3200b5 100644 --- a/app/site/_data/CMSgov/beneficiary-fhir-data/beneficiary-fhir-data_data.json +++ b/app/site/_data/CMSgov/beneficiary-fhir-data/beneficiary-fhir-data_data.json @@ -1,1080 +1,1080 @@ { - "url": "https://github.com/CMSgov/beneficiary-fhir-data", - "owner": "CMSgov", - "name": "beneficiary-fhir-data", - "description": null, - "commits_count": 5399, - "issues_count": 4, - "open_issues_count": 0, - "closed_issues_count": 4, - "pull_requests_count": 2535, - "open_pull_requests_count": 9, - "merged_pull_requests_count": 2035, - "closed_pull_requests_count": 491, - "forks_count": 33, - "stargazers_count": 61, - "watchers_count": 29, - "total_project_lines": 534491, - "average_project_lines": 168, - "total_project_comment_lines": 60330, - "average_project_comment_lines": 19, - "total_project_blank_lines": 32848, - "average_blank_lines": 10, - "commits_by_month": { - "2025/2": 30 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 3 - ], - [ - "2024-09-19T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 2 - ], - [ - "2024-09-26T05:00:00.000Z", - 1 - ], - [ - "2024-10-07T05:00:00.000Z", - 1 - ], - [ - "2024-10-08T05:00:00.000Z", - 1 - ], - [ - "2024-10-11T05:00:00.000Z", - 1 - ], - [ - "2024-10-21T05:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/beneficiary-fhir-data", + "owner": "CMSgov", + "name": "beneficiary-fhir-data", + "description": null, + "commits_count": 5399, + "issues_count": 4, + "open_issues_count": 0, + "closed_issues_count": 4, + "pull_requests_count": 2535, + "open_pull_requests_count": 9, + "merged_pull_requests_count": 2035, + "closed_pull_requests_count": 491, + "forks_count": 33, + "stargazers_count": 61, + "watchers_count": 29, + "total_project_lines": 534491, + "average_project_lines": 168, + "total_project_comment_lines": 60330, + "average_project_comment_lines": 19, + "total_project_blank_lines": 32848, + "average_blank_lines": 10, + "commits_by_month": { + "2025/2": 30 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 3 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2019-08-22T18:41:16Z", - "ossf_scorecard": { - "date": "2025-02-23T16:33:25Z", - "repo": { - "name": "github.com/CMSgov/beneficiary-fhir-data", - "commit": "fba6e20ab62e7369762739ba443af627eb4fb1d9" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 5, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "22 out of 22 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 7, - "reason": "Found 22/30 approved changesets -- score normalized to 7", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 13 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": 0, - "reason": "Project has not signed or included provenance with any releases.", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "50 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 3910777, - "CodeBytes": 0, - "Lines": 105282, - "Code": 105278, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1340, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Java", - "Bytes": 7014763, - "CodeBytes": 0, - "Lines": 174656, - "Code": 109353, - "Comment": 47202, - "Blank": 18101, - "Complexity": 4746, - "Count": 740, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 924571, - "CodeBytes": 0, - "Lines": 28322, - "Code": 20840, - "Comment": 4808, - "Blank": 2674, - "Complexity": 1305, - "Count": 243, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1321511, - "CodeBytes": 0, - "Lines": 27231, - "Code": 25837, - "Comment": 824, - "Blank": 570, - "Complexity": 0, - "Count": 156, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1079089, - "CodeBytes": 0, - "Lines": 18920, - "Code": 14603, - "Comment": 0, - "Blank": 4317, - "Complexity": 0, - "Count": 138, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 593351, - "CodeBytes": 0, - "Lines": 15507, - "Code": 12029, - "Comment": 1775, - "Blank": 1703, - "Complexity": 1282, - "Count": 91, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 345418, - "CodeBytes": 0, - "Lines": 7607, - "Code": 6265, - "Comment": 920, - "Blank": 422, - "Complexity": 0, - "Count": 74, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 213449, - "CodeBytes": 0, - "Lines": 5812, - "Code": 3773, - "Comment": 1197, - "Blank": 842, - "Complexity": 503, - "Count": 73, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Protocol Buffers", - "Bytes": 101941, - "CodeBytes": 0, - "Lines": 2480, - "Code": 1478, - "Comment": 353, - "Blank": 649, - "Complexity": 0, - "Count": 63, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 503533, - "CodeBytes": 0, - "Lines": 14361, - "Code": 10628, - "Comment": 1818, - "Blank": 1915, - "Complexity": 45, - "Count": 61, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 81230461, - "CodeBytes": 0, - "Lines": 319483, - "Code": 319416, - "Comment": 0, - "Blank": 67, - "Complexity": 0, - "Count": 53, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 5424890, - "CodeBytes": 0, - "Lines": 115265, - "Code": 115265, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 44, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Jinja", - "Bytes": 27528, - "CodeBytes": 0, - "Lines": 681, - "Code": 630, - "Comment": 0, - "Blank": 51, - "Complexity": 5, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 1047367, - "CodeBytes": 0, - "Lines": 1312, - "Code": 810, - "Comment": 502, - "Blank": 0, - "Complexity": 16, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 68157, - "CodeBytes": 0, - "Lines": 2232, - "Code": 1658, - "Comment": 274, - "Blank": 300, - "Complexity": 228, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 10037, - "CodeBytes": 0, - "Lines": 319, - "Code": 214, - "Comment": 70, - "Blank": 35, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Groovy", - "Bytes": 43158, - "CodeBytes": 0, - "Lines": 1078, - "Code": 690, - "Comment": 259, - "Blank": 129, - "Complexity": 53, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 7253, - "CodeBytes": 0, - "Lines": 204, - "Code": 138, - "Comment": 36, - "Blank": 30, - "Complexity": 22, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML Schema", - "Bytes": 168637, - "CodeBytes": 0, - "Lines": 4982, - "Code": 4070, - "Comment": 0, - "Blank": 912, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Autoconf", - "Bytes": 316, - "CodeBytes": 0, - "Lines": 21, - "Code": 21, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 502, - "CodeBytes": 0, - "Lines": 35, - "Code": 35, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Rust", - "Bytes": 26663, - "CodeBytes": 0, - "Lines": 757, - "Code": 485, - "Comment": 197, - "Blank": 75, - "Complexity": 15, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Smarty Template", - "Bytes": 4992, - "CodeBytes": 0, - "Lines": 146, - "Code": 126, - "Comment": 0, - "Blank": 20, - "Complexity": 10, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1684096, - "CodeBytes": 0, - "Lines": 51, - "Code": 43, - "Comment": 2, - "Blank": 6, - "Complexity": 46, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 1115, - "CodeBytes": 0, - "Lines": 42, - "Code": 39, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 227, - "CodeBytes": 0, - "Lines": 4, - "Code": 2, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 1021, - "CodeBytes": 0, - "Lines": 66, - "Code": 53, - "Comment": 2, - "Blank": 11, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 152071, - "CodeBytes": 0, - "Lines": 3, - "Code": 1, - "Comment": 1, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CloudFormation (YAML)", - "Bytes": 1489, - "CodeBytes": 0, - "Lines": 59, - "Code": 21, - "Comment": 22, - "Blank": 16, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 1362, - "CodeBytes": 0, - "Lines": 37, - "Code": 14, - "Comment": 18, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 3708, - "CodeBytes": 0, - "Lines": 176, - "Code": 141, - "Comment": 0, - "Blank": 35, - "Complexity": 25, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "INI", - "Bytes": 42, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Kotlin", - "Bytes": 18325, - "CodeBytes": 0, - "Lines": 503, - "Code": 408, - "Comment": 38, - "Blank": 57, - "Complexity": 56, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 1244, - "CodeBytes": 0, - "Lines": 37, - "Code": 30, - "Comment": 2, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 25884613.461916197, - "estimatedScheduleMonths_low": 49.04363613412026, - "estimatedPeople_low": 51.417212737151566, - "estimatedCost_high": 80667760.77481435, - "estimatedScheduleMonths_high": 49.04363613412026, - "estimatedPeople_high": 51.417212737151566, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 1340 105282 4 0 105278 0\n(ULOC) 10065\n-------------------------------------------------------------------------------\nJava 740 174656 18101 47202 109353 4746\n(ULOC) 69780\n-------------------------------------------------------------------------------\nTerraform 243 28322 2674 4808 20840 1305\n(ULOC) 9553\n-------------------------------------------------------------------------------\nYAML 156 27231 570 824 25837 0\n(ULOC) 10386\n-------------------------------------------------------------------------------\nMarkdown 138 18920 4317 0 14603 0\n(ULOC) 9962\n-------------------------------------------------------------------------------\nPython 91 15507 1703 1775 12029 1282\n(ULOC) 8449\n-------------------------------------------------------------------------------\nXML 74 7607 422 920 6265 0\n(ULOC) 2880\n-------------------------------------------------------------------------------\nShell 73 5812 842 1197 3773 503\n(ULOC) 3174\n-------------------------------------------------------------------------------\nProtocol Buffers 63 2480 649 353 1478 0\n(ULOC) 1401\n-------------------------------------------------------------------------------\nSQL 61 14361 1915 1818 10628 45\n(ULOC) 5981\n-------------------------------------------------------------------------------\nPlain Text 53 319483 67 0 319416 0\n(ULOC) 319071\n-------------------------------------------------------------------------------\nCSV 44 115265 0 0 115265 0\n(ULOC) 115245\n-------------------------------------------------------------------------------\nJinja 15 681 51 0 630 5\n(ULOC) 387\n-------------------------------------------------------------------------------\nSVG 15 1312 0 502 810 16\n(ULOC) 889\n-------------------------------------------------------------------------------\nBASH 12 2232 300 274 1658 228\n(ULOC) 1158\n-------------------------------------------------------------------------------\nTOML 11 319 35 70 214 0\n(ULOC) 187\n-------------------------------------------------------------------------------\nGroovy 10 1078 129 259 690 53\n(ULOC) 726\n-------------------------------------------------------------------------------\nDockerfile 8 204 30 36 138 22\n(ULOC) 147\n-------------------------------------------------------------------------------\nXML Schema 6 4982 912 0 4070 0\n(ULOC) 1840\n-------------------------------------------------------------------------------\nAutoconf 4 21 0 0 21 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nDocker ignore 4 35 0 0 35 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nRust 4 757 75 197 485 15\n(ULOC) 482\n-------------------------------------------------------------------------------\nSmarty Template 4 146 20 0 126 10\n(ULOC) 84\n-------------------------------------------------------------------------------\nJavaScript 3 51 6 2 43 46\n(ULOC) 40\n-------------------------------------------------------------------------------\nHTML 2 42 3 0 39 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nProperties File 2 4 0 2 2 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nSass 2 66 11 2 53 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nCSS 1 3 1 1 1 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nCloudFormation (YAM\u2026 1 59 16 22 21 0\n(ULOC) 44\n-------------------------------------------------------------------------------\nGemfile 1 37 5 18 14 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nGo 1 176 35 0 141 25\n(ULOC) 111\n-------------------------------------------------------------------------------\nINI 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nKotlin 1 503 57 38 408 56\n(ULOC) 360\n-------------------------------------------------------------------------------\nRuby 1 37 5 2 30 0\n(ULOC) 29\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 3185 847674 32955 60322 754397 8357\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 571396\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $28,384,109\nEstimated Schedule Effort (organic) 49.04 months\nEstimated People Required (organic) 51.42\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 105933064 bytes, 105.933 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-19T05:00:00.000Z", + 1 + ], + [ + "2024-09-23T05:00:00.000Z", + 2 + ], + [ + "2024-09-26T05:00:00.000Z", + 1 + ], + [ + "2024-10-07T05:00:00.000Z", + 1 + ], + [ + "2024-10-08T05:00:00.000Z", + 1 + ], + [ + "2024-10-11T05:00:00.000Z", + 1 + ], + [ + "2024-10-21T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2019-08-22T18:41:16Z", + "ossf_scorecard": { + "date": "2025-02-23T16:33:25Z", + "repo": { + "name": "github.com/CMSgov/beneficiary-fhir-data", + "commit": "fba6e20ab62e7369762739ba443af627eb4fb1d9" }, - "predominant_langs": { - "Java": 7014763, - "HCL": 927937, - "Python": 578945, - "Shell": 296679, - "PLpgSQL": 172554, - "Groovy": 43320, - "Rust": 26663, - "Kotlin": 18325, - "Jinja": 12177, - "Liquid": 11845, - "Dockerfile": 7253, - "Go": 3708, - "Ruby": 2606, - "Smarty": 1730, - "HTML": 1115, - "JavaScript": 1050, - "SCSS": 1021 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "beneficiary-fhir-data", - "311 days 32:16:42.75" - ] + "score": 5.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 5, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "22 out of 22 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 7, + "reason": "Found 22/30 approved changesets -- score normalized to 7", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 13 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": 0, + "reason": "Project has not signed or included provenance with any releases.", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "50 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 3910777, + "CodeBytes": 0, + "Lines": 105282, + "Code": 105278, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1340, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Java", + "Bytes": 7014763, + "CodeBytes": 0, + "Lines": 174656, + "Code": 109353, + "Comment": 47202, + "Blank": 18101, + "Complexity": 4746, + "Count": 740, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 933513, + "CodeBytes": 0, + "Lines": 28573, + "Code": 20945, + "Comment": 4938, + "Blank": 2690, + "Complexity": 1325, + "Count": 244, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1326027, + "CodeBytes": 0, + "Lines": 27228, + "Code": 25834, + "Comment": 824, + "Blank": 570, + "Complexity": 0, + "Count": 156, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1081206, + "CodeBytes": 0, + "Lines": 18927, + "Code": 14609, + "Comment": 0, + "Blank": 4318, + "Complexity": 0, + "Count": 138, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 601846, + "CodeBytes": 0, + "Lines": 15753, + "Code": 12217, + "Comment": 1794, + "Blank": 1742, + "Complexity": 1297, + "Count": 95, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 215000, + "CodeBytes": 0, + "Lines": 5864, + "Code": 3808, + "Comment": 1203, + "Blank": 853, + "Complexity": 504, + "Count": 74, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 345418, + "CodeBytes": 0, + "Lines": 7607, + "Code": 6265, + "Comment": 920, + "Blank": 422, + "Complexity": 0, + "Count": 74, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Protocol Buffers", + "Bytes": 101941, + "CodeBytes": 0, + "Lines": 2480, + "Code": 1478, + "Comment": 353, + "Blank": 649, + "Complexity": 0, + "Count": 63, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 504898, + "CodeBytes": 0, + "Lines": 14407, + "Code": 10669, + "Comment": 1818, + "Blank": 1920, + "Complexity": 45, + "Count": 63, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 81230461, + "CodeBytes": 0, + "Lines": 319483, + "Code": 319416, + "Comment": 0, + "Blank": 67, + "Complexity": 0, + "Count": 53, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 5424890, + "CodeBytes": 0, + "Lines": 115265, + "Code": 115265, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 44, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Jinja", + "Bytes": 27528, + "CodeBytes": 0, + "Lines": 681, + "Code": 630, + "Comment": 0, + "Blank": 51, + "Complexity": 5, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 1047367, + "CodeBytes": 0, + "Lines": 1312, + "Code": 810, + "Comment": 502, + "Blank": 0, + "Complexity": 16, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 68157, + "CodeBytes": 0, + "Lines": 2232, + "Code": 1658, + "Comment": 274, + "Blank": 300, + "Complexity": 228, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 10254, + "CodeBytes": 0, + "Lines": 328, + "Code": 221, + "Comment": 70, + "Blank": 37, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Groovy", + "Bytes": 43320, + "CodeBytes": 0, + "Lines": 1081, + "Code": 693, + "Comment": 259, + "Blank": 129, + "Complexity": 54, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 7253, + "CodeBytes": 0, + "Lines": 204, + "Code": 138, + "Comment": 36, + "Blank": 30, + "Complexity": 22, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML Schema", + "Bytes": 168637, + "CodeBytes": 0, + "Lines": 4982, + "Code": 4070, + "Comment": 0, + "Blank": 912, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Autoconf", + "Bytes": 316, + "CodeBytes": 0, + "Lines": 21, + "Code": 21, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 502, + "CodeBytes": 0, + "Lines": 35, + "Code": 35, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Rust", + "Bytes": 26663, + "CodeBytes": 0, + "Lines": 757, + "Code": 485, + "Comment": 197, + "Blank": 75, + "Complexity": 15, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Smarty Template", + "Bytes": 4992, + "CodeBytes": 0, + "Lines": 146, + "Code": 126, + "Comment": 0, + "Blank": 20, + "Complexity": 10, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1684096, + "CodeBytes": 0, + "Lines": 51, + "Code": 43, + "Comment": 2, + "Blank": 6, + "Complexity": 46, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 1115, + "CodeBytes": 0, + "Lines": 42, + "Code": 39, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 227, + "CodeBytes": 0, + "Lines": 4, + "Code": 2, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 1021, + "CodeBytes": 0, + "Lines": 66, + "Code": 53, + "Comment": 2, + "Blank": 11, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 152071, + "CodeBytes": 0, + "Lines": 3, + "Code": 1, + "Comment": 1, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CloudFormation (YAML)", + "Bytes": 1489, + "CodeBytes": 0, + "Lines": 59, + "Code": 21, + "Comment": 22, + "Blank": 16, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 1362, + "CodeBytes": 0, + "Lines": 37, + "Code": 14, + "Comment": 18, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 3708, + "CodeBytes": 0, + "Lines": 176, + "Code": 141, + "Comment": 0, + "Blank": 35, + "Complexity": 25, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "INI", + "Bytes": 42, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Kotlin", + "Bytes": 18325, + "CodeBytes": 0, + "Lines": 503, + "Code": 408, + "Comment": 38, + "Blank": 57, + "Complexity": 56, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 1244, + "CodeBytes": 0, + "Lines": 37, + "Code": 30, + "Comment": 2, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 25898376.04298358, + "estimatedScheduleMonths_low": 49.05354337898466, + "estimatedPeople_low": 51.43416058520594, + "estimatedCost_high": 80710650.98829275, + "estimatedScheduleMonths_high": 49.05354337898466, + "estimatedPeople_high": 51.43416058520594, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 1340 105282 4 0 105278 0\n(ULOC) 10065\n-------------------------------------------------------------------------------\nJava 740 174656 18101 47202 109353 4746\n(ULOC) 69780\n-------------------------------------------------------------------------------\nTerraform 244 28573 2690 4938 20945 1325\n(ULOC) 9657\n-------------------------------------------------------------------------------\nYAML 156 27228 570 824 25834 0\n(ULOC) 10387\n-------------------------------------------------------------------------------\nMarkdown 138 18927 4318 0 14609 0\n(ULOC) 9962\n-------------------------------------------------------------------------------\nPython 95 15753 1742 1794 12217 1297\n(ULOC) 8607\n-------------------------------------------------------------------------------\nShell 74 5864 853 1203 3808 504\n(ULOC) 3207\n-------------------------------------------------------------------------------\nXML 74 7607 422 920 6265 0\n(ULOC) 2880\n-------------------------------------------------------------------------------\nProtocol Buffers 63 2480 649 353 1478 0\n(ULOC) 1401\n-------------------------------------------------------------------------------\nSQL 63 14407 1920 1818 10669 45\n(ULOC) 6011\n-------------------------------------------------------------------------------\nPlain Text 53 319483 67 0 319416 0\n(ULOC) 319071\n-------------------------------------------------------------------------------\nCSV 44 115265 0 0 115265 0\n(ULOC) 115245\n-------------------------------------------------------------------------------\nJinja 15 681 51 0 630 5\n(ULOC) 387\n-------------------------------------------------------------------------------\nSVG 15 1312 0 502 810 16\n(ULOC) 889\n-------------------------------------------------------------------------------\nBASH 12 2232 300 274 1658 228\n(ULOC) 1158\n-------------------------------------------------------------------------------\nTOML 11 328 37 70 221 0\n(ULOC) 193\n-------------------------------------------------------------------------------\nGroovy 10 1081 129 259 693 54\n(ULOC) 728\n-------------------------------------------------------------------------------\nDockerfile 8 204 30 36 138 22\n(ULOC) 147\n-------------------------------------------------------------------------------\nXML Schema 6 4982 912 0 4070 0\n(ULOC) 1840\n-------------------------------------------------------------------------------\nAutoconf 4 21 0 0 21 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nDocker ignore 4 35 0 0 35 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nRust 4 757 75 197 485 15\n(ULOC) 482\n-------------------------------------------------------------------------------\nSmarty Template 4 146 20 0 126 10\n(ULOC) 84\n-------------------------------------------------------------------------------\nJavaScript 3 51 6 2 43 46\n(ULOC) 40\n-------------------------------------------------------------------------------\nHTML 2 42 3 0 39 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nProperties File 2 4 0 2 2 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nSass 2 66 11 2 53 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nCSS 1 3 1 1 1 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nCloudFormation (YAM… 1 59 16 22 21 0\n(ULOC) 44\n-------------------------------------------------------------------------------\nGemfile 1 37 5 18 14 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nGo 1 176 35 0 141 25\n(ULOC) 111\n-------------------------------------------------------------------------------\nINI 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nKotlin 1 503 57 38 408 56\n(ULOC) 360\n-------------------------------------------------------------------------------\nRuby 1 37 5 2 30 0\n(ULOC) 29\n───────────────────────────────────────────────────────────────────────────────\nTotal 3193 848285 33029 60477 754779 8394\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 571715\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $28,399,201\nEstimated Schedule Effort (organic) 49.05 months\nEstimated People Required (organic) 51.43\n───────────────────────────────────────────────────────────────────────────────\nProcessed 105960429 bytes, 105.960 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 7014763, + "HCL": 927937, + "Python": 578945, + "Shell": 296679, + "PLpgSQL": 172554, + "Groovy": 43320, + "Rust": 26663, + "Kotlin": 18325, + "Jinja": 12177, + "Liquid": 11845, + "Dockerfile": 7253, + "Go": 3708, + "Ruby": 2606, + "Smarty": 1730, + "HTML": 1115, + "JavaScript": 1050, + "SCSS": 1021 + }, + "average_issue_resolution_time": [ + [ + "beneficiary-fhir-data", + "311 days 32:16:42.75" + ] + ], + "repo_dependency_libyear_list": [ + [ + "The", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "This", + -1.0, + "2024-08-04T19:09:58.000" + ], + [ + "blinker", + 0.5808219178, + "2024-08-04T19:09:58.000" + ], + [ + "boto3", + 0.0, + "2025-03-01T19:06:10.000" + ], + [ + "boto3", + 0.7424657534, + "2024-06-18T20:40:53.000" + ], + [ + "boto3", + 0.8684931507, + "2024-08-04T19:09:58.000" + ], + [ + "botocore", + 0.6410958904, + "2024-06-18T20:40:53.000" + ], + [ + "botocore", + 0.7671232877, + "2024-08-04T19:09:58.000" + ], + [ + "brotli", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "by", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "certifi", + 0.8630136986, + "2024-06-18T20:40:53.000" + ], + [ + "certifi", + 0.9506849315, + "2024-08-04T19:09:58.000" + ], + [ + "charset-normalizer", + 0.0246575342, + "2024-08-04T19:09:58.000" + ], + [ + "click", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "configargparse", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "diagrams", + 0.0, + "2025-01-01T18:35:23.000" + ], + [ + "flask", + 0.6273972603, + "2024-08-04T19:09:58.000" + ], + [ + "flask-basicauth", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "flask-cors", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "gevent", + 0.4219178082, + "2024-08-04T19:09:58.000" + ], + [ + "geventhttpclient", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "greenlet", + 0.1561643836, + "2024-08-04T19:09:58.000" + ], + [ + "hash", + -1.0, + "2024-08-04T19:09:58.000" + ], + [ + "idna", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "importlib-metadata", + 0.0, + "2024-06-18T20:40:53.000" + ], + [ + "itsdangerous", + 2.0657534247, + "2024-08-04T19:09:58.000" + ], + [ + "jinja2", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "jinja2", + 0.3178082192, + "2024-06-18T20:40:53.000" + ], + [ + "jmespath", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "locust", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "markupsafe", + 0.6684931507, + "2024-08-04T19:09:58.000" + ], + [ + "msgpack", + 0.4246575342, + "2024-08-04T19:09:58.000" + ], + [ + "pip-compile", + -1.0, + "2024-08-04T19:09:58.000" + ], + [ + "psutil", + 0.2630136986, + "2024-06-18T20:40:53.000" + ], + [ + "psutil", + 0.6767123288, + "2024-08-04T19:09:58.000" + ], + [ + "psycogreen", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "psycopg2-binary", + 0.1616438356, + "2024-08-04T19:09:58.000" + ], + [ + "python-dateutil", + 2.6328767123, + "2024-08-04T19:09:58.000" + ], + [ + "pyzmq", + 0.7260273973, + "2024-06-18T20:40:53.000" + ], + [ + "pyzmq", + 0.9835616438, + "2024-08-04T19:09:58.000" + ], + [ + "requests", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "requirements.in", + -1.0, + "2024-08-04T19:09:58.000" + ], + [ + "roundrobin", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "s3transfer", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "setuptools", + 0.0520547945, + "2024-08-04T19:09:58.000" + ], + [ + "setuptools", + 0.6876712329, + "2024-06-18T20:40:53.000" + ], + [ + "six", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "typing-extensions", + 0.7205479452, + "2024-08-04T19:09:58.000" + ], + [ + "urllib3", + 0.6657534247, + "2024-08-04T19:09:58.000" + ], + [ + "via", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "werkzeug", + 0.0, + "2024-08-04T19:09:58.000" + ], + [ + "zipp", + 0.2219178082, + "2024-06-18T20:40:53.000" + ], + [ + "zope-event", + 0.0, + "2024-08-04T19:09:58.000" ], - "repo_dependency_libyear_list": [ - [ - "The", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "This", - -1.0, - "2024-08-04T19:09:58.000" - ], - [ - "blinker", - 0.5808219178, - "2024-08-04T19:09:58.000" - ], - [ - "boto3", - 0.0, - "2025-03-01T19:06:10.000" - ], - [ - "boto3", - 0.7424657534, - "2024-06-18T20:40:53.000" - ], - [ - "boto3", - 0.8684931507, - "2024-08-04T19:09:58.000" - ], - [ - "botocore", - 0.6410958904, - "2024-06-18T20:40:53.000" - ], - [ - "botocore", - 0.7671232877, - "2024-08-04T19:09:58.000" - ], - [ - "brotli", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "by", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "certifi", - 0.8630136986, - "2024-06-18T20:40:53.000" - ], - [ - "certifi", - 0.9506849315, - "2024-08-04T19:09:58.000" - ], - [ - "charset-normalizer", - 0.0246575342, - "2024-08-04T19:09:58.000" - ], - [ - "click", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "configargparse", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "diagrams", - 0.0, - "2025-01-01T18:35:23.000" - ], - [ - "flask", - 0.6273972603, - "2024-08-04T19:09:58.000" - ], - [ - "flask-basicauth", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "flask-cors", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "gevent", - 0.4219178082, - "2024-08-04T19:09:58.000" - ], - [ - "geventhttpclient", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "greenlet", - 0.1561643836, - "2024-08-04T19:09:58.000" - ], - [ - "hash", - -1.0, - "2024-08-04T19:09:58.000" - ], - [ - "idna", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "importlib-metadata", - 0.0, - "2024-06-18T20:40:53.000" - ], - [ - "itsdangerous", - 2.0657534247, - "2024-08-04T19:09:58.000" - ], - [ - "jinja2", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "jinja2", - 0.3178082192, - "2024-06-18T20:40:53.000" - ], - [ - "jmespath", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "locust", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "markupsafe", - 0.6684931507, - "2024-08-04T19:09:58.000" - ], - [ - "msgpack", - 0.4246575342, - "2024-08-04T19:09:58.000" - ], - [ - "pip-compile", - -1.0, - "2024-08-04T19:09:58.000" - ], - [ - "psutil", - 0.2630136986, - "2024-06-18T20:40:53.000" - ], - [ - "psutil", - 0.6767123288, - "2024-08-04T19:09:58.000" - ], - [ - "psycogreen", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "psycopg2-binary", - 0.1616438356, - "2024-08-04T19:09:58.000" - ], - [ - "python-dateutil", - 2.6328767123, - "2024-08-04T19:09:58.000" - ], - [ - "pyzmq", - 0.7260273973, - "2024-06-18T20:40:53.000" - ], - [ - "pyzmq", - 0.9835616438, - "2024-08-04T19:09:58.000" - ], - [ - "requests", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "requirements.in", - -1.0, - "2024-08-04T19:09:58.000" - ], - [ - "roundrobin", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "s3transfer", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "setuptools", - 0.0520547945, - "2024-08-04T19:09:58.000" - ], - [ - "setuptools", - 0.6876712329, - "2024-06-18T20:40:53.000" - ], - [ - "six", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "typing-extensions", - 0.7205479452, - "2024-08-04T19:09:58.000" - ], - [ - "urllib3", - 0.6657534247, - "2024-08-04T19:09:58.000" - ], - [ - "via", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "werkzeug", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "zipp", - 0.2219178082, - "2024-06-18T20:40:53.000" - ], - [ - "zope-event", - 0.0, - "2024-08-04T19:09:58.000" - ], - [ - "zope-interface", - 0.6328767123, - "2024-08-04T19:09:58.000" - ] + [ + "zope-interface", + 0.6328767123, + "2024-08-04T19:09:58.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/beneficiary-reporting-validation/beneficiary-reporting-validation_data.json b/app/site/_data/CMSgov/beneficiary-reporting-validation/beneficiary-reporting-validation_data.json index 784aea2249..50d500ba4a 100644 --- a/app/site/_data/CMSgov/beneficiary-reporting-validation/beneficiary-reporting-validation_data.json +++ b/app/site/_data/CMSgov/beneficiary-reporting-validation/beneficiary-reporting-validation_data.json @@ -1,380 +1,380 @@ { - "url": "https://github.com/CMSgov/beneficiary-reporting-validation", - "owner": "CMSgov", - "name": "beneficiary-reporting-validation", - "description": null, - "commits_count": 389, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 180, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 142, - "closed_pull_requests_count": 38, - "forks_count": 3, - "stargazers_count": 2, - "watchers_count": 21, - "total_project_lines": 2607, - "average_project_lines": 47, - "total_project_comment_lines": 10, - "average_project_comment_lines": 0, - "total_project_blank_lines": 402, - "average_blank_lines": 7, - "commits_by_month": { - "2024/9": 3, - "2024/4": 1, - "2024/2": 2, - "2023/10": 2, - "2023/5": 4, - "2022/8": 4, - "2022/6": 4, - "2022/2": 2, - "2021/12": 4, - "2021/10": 4 + "url": "https://github.com/CMSgov/beneficiary-reporting-validation", + "owner": "CMSgov", + "name": "beneficiary-reporting-validation", + "description": null, + "commits_count": 389, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 180, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 142, + "closed_pull_requests_count": 38, + "forks_count": 3, + "stargazers_count": 2, + "watchers_count": 21, + "total_project_lines": 2607, + "average_project_lines": 47, + "total_project_comment_lines": 10, + "average_project_comment_lines": 0, + "total_project_blank_lines": 402, + "average_blank_lines": 7, + "commits_by_month": { + "2024/9": 3, + "2024/4": 1, + "2024/2": 2, + "2023/10": 2, + "2023/5": 4, + "2022/8": 4, + "2022/6": 4, + "2022/2": 2, + "2021/12": 4, + "2021/10": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2018-04-20T14:52:58Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:51Z", + "repo": { + "name": "github.com/CMSgov/beneficiary-reporting-validation", + "commit": "af10f00d59ec4a066fea6709a0633b2f2e5fd57b" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2018-04-20T14:52:58Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:51Z", - "repo": { - "name": "github.com/CMSgov/beneficiary-reporting-validation", - "commit": "af10f00d59ec4a066fea6709a0633b2f2e5fd57b" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 3, - "reason": "6 out of 17 merged PRs checked by a CI test -- score normalized to 3", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 6, - "reason": "Found 16/23 approved changesets -- score normalized to 6", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 3, - "reason": "dependency not pinned by hash detected -- score normalized to 3", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 4, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "22 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 54799, - "CodeBytes": 0, - "Lines": 1974, - "Code": 1691, - "Comment": 8, - "Blank": 275, - "Complexity": 135, - "Count": 42, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 11028, - "CodeBytes": 0, - "Lines": 293, - "Code": 210, - "Comment": 0, - "Blank": 83, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 2447, - "CodeBytes": 0, - "Lines": 109, - "Code": 109, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2654, - "CodeBytes": 0, - "Lines": 115, - "Code": 89, - "Comment": 2, - "Blank": 24, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 56242.93610291686, - "estimatedScheduleMonths_low": 4.771475034421619, - "estimatedPeople_low": 1.1483250444370732, - "estimatedCost_high": 175277.5532653212, - "estimatedScheduleMonths_high": 4.771475034421619, - "estimatedPeople_high": 1.1483250444370732, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 42 1974 275 8 1691 135\n(ULOC) 730\n-------------------------------------------------------------------------------\nMarkdown 7 293 83 0 210 0\n(ULOC) 178\n-------------------------------------------------------------------------------\nJSON 3 109 0 0 109 0\n(ULOC) 95\n-------------------------------------------------------------------------------\nYAML 3 115 24 2 89 0\n(ULOC) 53\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 56 2607 402 10 2195 135\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1144\nDRYness % 0.44\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $61,673\nEstimated Schedule Effort (organic) 4.77 months\nEstimated People Required (organic) 1.15\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 77483 bytes, 0.077 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "TypeScript": 54799 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@types/jest", - 3.298630137, - "2025-03-01T04:28:14.000" - ], - [ - "@types/node", - 1.4356164384, - "2025-03-01T04:28:14.000" - ], - [ - "class-transformer", - 0.0, - "2025-03-01T04:28:14.000" - ], - [ - "class-validator", - 0.0, - "2025-03-01T04:28:14.000" - ], - [ - "date-fns", - 1.3863013699, - "2025-03-01T04:28:14.000" - ], - [ - "jest", - 2.8547945205, - "2025-03-01T04:28:14.000" - ], - [ - "reflect-metadata", - 0.0, - "2025-03-01T04:28:14.000" - ], - [ - "ts-jest", - 3.8054794521, - "2025-03-01T04:28:14.000" - ], - [ - "ts-node", - 3.0, - "2025-03-01T04:28:14.000" - ], - [ - "typescript", - 2.0794520548, - "2025-03-01T04:28:14.000" - ] + "score": 4.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 3, + "reason": "6 out of 17 merged PRs checked by a CI test -- score normalized to 3", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 6, + "reason": "Found 16/23 approved changesets -- score normalized to 6", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 3, + "reason": "dependency not pinned by hash detected -- score normalized to 3", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 4, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "22 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 54799, + "CodeBytes": 0, + "Lines": 1974, + "Code": 1691, + "Comment": 8, + "Blank": 275, + "Complexity": 135, + "Count": 42, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 11028, + "CodeBytes": 0, + "Lines": 293, + "Code": 210, + "Comment": 0, + "Blank": 83, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 2447, + "CodeBytes": 0, + "Lines": 109, + "Code": 109, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2654, + "CodeBytes": 0, + "Lines": 115, + "Code": 89, + "Comment": 2, + "Blank": 24, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 56242.93610291686, + "estimatedScheduleMonths_low": 4.771475034421619, + "estimatedPeople_low": 1.1483250444370732, + "estimatedCost_high": 175277.5532653212, + "estimatedScheduleMonths_high": 4.771475034421619, + "estimatedPeople_high": 1.1483250444370732, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 42 1974 275 8 1691 135\n(ULOC) 730\n-------------------------------------------------------------------------------\nMarkdown 7 293 83 0 210 0\n(ULOC) 178\n-------------------------------------------------------------------------------\nJSON 3 109 0 0 109 0\n(ULOC) 95\n-------------------------------------------------------------------------------\nYAML 3 115 24 2 89 0\n(ULOC) 53\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n───────────────────────────────────────────────────────────────────────────────\nTotal 56 2607 402 10 2195 135\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1144\nDRYness % 0.44\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $61,673\nEstimated Schedule Effort (organic) 4.77 months\nEstimated People Required (organic) 1.15\n───────────────────────────────────────────────────────────────────────────────\nProcessed 77483 bytes, 0.077 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 54799 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@types/jest", + 3.298630137, + "2025-03-01T04:28:14.000" + ], + [ + "@types/node", + 1.4356164384, + "2025-03-01T04:28:14.000" + ], + [ + "class-transformer", + 0.0, + "2025-03-01T04:28:14.000" + ], + [ + "class-validator", + 0.0, + "2025-03-01T04:28:14.000" + ], + [ + "date-fns", + 1.3863013699, + "2025-03-01T04:28:14.000" + ], + [ + "jest", + 2.8547945205, + "2025-03-01T04:28:14.000" + ], + [ + "reflect-metadata", + 0.0, + "2025-03-01T04:28:14.000" + ], + [ + "ts-jest", + 3.8054794521, + "2025-03-01T04:28:14.000" + ], + [ + "ts-node", + 3.0, + "2025-03-01T04:28:14.000" + ], + [ + "typescript", + 2.0794520548, + "2025-03-01T04:28:14.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/bluebutton-css/bluebutton-css_data.json b/app/site/_data/CMSgov/bluebutton-css/bluebutton-css_data.json index 5025c08259..e5e05afbbc 100644 --- a/app/site/_data/CMSgov/bluebutton-css/bluebutton-css_data.json +++ b/app/site/_data/CMSgov/bluebutton-css/bluebutton-css_data.json @@ -1,435 +1,435 @@ { - "url": "https://github.com/CMSgov/bluebutton-css", - "owner": "CMSgov", - "name": "bluebutton-css", - "description": "Blue Button 2.0 CSS", - "commits_count": 95, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 73, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 48, - "closed_pull_requests_count": 23, - "forks_count": 3, - "stargazers_count": 2, - "watchers_count": 21, - "total_project_lines": 3353, - "average_project_lines": 64, - "total_project_comment_lines": 554, - "average_project_comment_lines": 11, - "total_project_blank_lines": 377, - "average_blank_lines": 7, - "commits_by_month": { - "2024/9": 1, - "2024/8": 1, - "2024/7": 2, - "2023/2": 1, - "2022/12": 3, - "2022/10": 2, - "2022/9": 1, - "2021/1": 1, - "2020/2": 1, - "2019/12": 1, - "2019/10": 4, - "2019/9": 2, - "2019/7": 4, - "2019/6": 2, - "2019/5": 2, - "2019/4": 1, - "2019/2": 1 + "url": "https://github.com/CMSgov/bluebutton-css", + "owner": "CMSgov", + "name": "bluebutton-css", + "description": "Blue Button 2.0 CSS", + "commits_count": 95, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 73, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 48, + "closed_pull_requests_count": 23, + "forks_count": 3, + "stargazers_count": 2, + "watchers_count": 21, + "total_project_lines": 3353, + "average_project_lines": 64, + "total_project_comment_lines": 554, + "average_project_comment_lines": 11, + "total_project_blank_lines": 377, + "average_blank_lines": 7, + "commits_by_month": { + "2024/9": 1, + "2024/8": 1, + "2024/7": 2, + "2023/2": 1, + "2022/12": 3, + "2022/10": 2, + "2022/9": 1, + "2021/1": 1, + "2020/2": 1, + "2019/12": 1, + "2019/10": 4, + "2019/9": 2, + "2019/7": 4, + "2019/6": 2, + "2019/5": 2, + "2019/4": 1, + "2019/2": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2018-09-06T23:45:46Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:59Z", + "repo": { + "name": "github.com/CMSgov/bluebutton-css", + "commit": "1fb9a844a3f82187c279a3178bdb13f8c2810bec" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2018-09-06T23:45:46Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:59Z", - "repo": { - "name": "github.com/CMSgov/bluebutton-css", - "commit": "1fb9a844a3f82187c279a3178bdb13f8c2810bec" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 28 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 6, - "reason": "Found 18/29 approved changesets -- score normalized to 6", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Sass", - "Bytes": 53532, - "CodeBytes": 0, - "Lines": 2746, - "Code": 1936, - "Comment": 490, - "Blank": 320, - "Complexity": 0, - "Count": 22, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 26064, - "CodeBytes": 0, - "Lines": 214, - "Code": 202, - "Comment": 12, - "Blank": 0, - "Complexity": 0, - "Count": 21, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 339018, - "CodeBytes": 0, - "Lines": 5, - "Code": 3, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 2850, - "CodeBytes": 0, - "Lines": 95, - "Code": 66, - "Comment": 0, - "Blank": 29, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 984, - "CodeBytes": 0, - "Lines": 40, - "Code": 40, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1032, - "CodeBytes": 0, - "Lines": 39, - "Code": 22, - "Comment": 14, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 7230, - "CodeBytes": 0, - "Lines": 214, - "Code": 153, - "Comment": 36, - "Blank": 25, - "Complexity": 22, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 62365.52453939949, - "estimatedScheduleMonths_low": 4.962559900031952, - "estimatedPeople_low": 1.2243013420389075, - "estimatedCost_high": 194358.2129028889, - "estimatedScheduleMonths_high": 4.962559900031952, - "estimatedPeople_high": 1.2243013420389075, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nSass 22 2746 320 490 1936 0\n(ULOC) 1401\n-------------------------------------------------------------------------------\nSVG 21 214 0 12 202 0\n(ULOC) 118\n-------------------------------------------------------------------------------\nCSS 3 5 0 2 3 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nMarkdown 3 95 29 0 66 0\n(ULOC) 51\n-------------------------------------------------------------------------------\nJSON 1 40 0 0 40 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nJavaScript 1 39 3 14 22 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nShell 1 214 25 36 153 22\n(ULOC) 150\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 52 3353 377 554 2422 22\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1791\nDRYness % 0.53\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $68,387\nEstimated Schedule Effort (organic) 4.96 months\nEstimated People Required (organic) 1.22\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 430710 bytes, 0.431 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "SCSS": 53532, - "Shell": 7230, - "Groovy": 4535, - "JavaScript": 1032 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@cmsgov/design-system", - 2.1616438356, - "2025-03-01T04:24:46.000" - ], - [ - "ansi-regex", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "gulp", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-clean-css", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-cli", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-minify", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-rename", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-sass", - 2.9095890411, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-sourcemaps", - 1.7287671233, - "2025-03-01T04:24:46.000" - ], - [ - "gulp-wait", - 0.0, - "2025-03-01T04:24:46.000" - ], - [ - "node-gyp", - 0.1890410959, - "2025-03-01T04:24:46.000" - ], - [ - "node-sass", - 0.5232876712, - "2025-03-01T04:24:46.000" - ], - [ - "pump", - 0.0, - "2025-03-01T04:24:46.000" - ] + "score": 4.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 28 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 6, + "reason": "Found 18/29 approved changesets -- score normalized to 6", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Sass", + "Bytes": 53532, + "CodeBytes": 0, + "Lines": 2746, + "Code": 1936, + "Comment": 490, + "Blank": 320, + "Complexity": 0, + "Count": 22, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 26064, + "CodeBytes": 0, + "Lines": 214, + "Code": 202, + "Comment": 12, + "Blank": 0, + "Complexity": 0, + "Count": 21, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 339018, + "CodeBytes": 0, + "Lines": 5, + "Code": 3, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 2850, + "CodeBytes": 0, + "Lines": 95, + "Code": 66, + "Comment": 0, + "Blank": 29, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 984, + "CodeBytes": 0, + "Lines": 40, + "Code": 40, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1032, + "CodeBytes": 0, + "Lines": 39, + "Code": 22, + "Comment": 14, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 7230, + "CodeBytes": 0, + "Lines": 214, + "Code": 153, + "Comment": 36, + "Blank": 25, + "Complexity": 22, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 62365.52453939949, + "estimatedScheduleMonths_low": 4.962559900031952, + "estimatedPeople_low": 1.2243013420389075, + "estimatedCost_high": 194358.2129028889, + "estimatedScheduleMonths_high": 4.962559900031952, + "estimatedPeople_high": 1.2243013420389075, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSass 22 2746 320 490 1936 0\n(ULOC) 1401\n-------------------------------------------------------------------------------\nSVG 21 214 0 12 202 0\n(ULOC) 118\n-------------------------------------------------------------------------------\nCSS 3 5 0 2 3 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nMarkdown 3 95 29 0 66 0\n(ULOC) 51\n-------------------------------------------------------------------------------\nJSON 1 40 0 0 40 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nJavaScript 1 39 3 14 22 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nShell 1 214 25 36 153 22\n(ULOC) 150\n───────────────────────────────────────────────────────────────────────────────\nTotal 52 3353 377 554 2422 22\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1791\nDRYness % 0.53\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $68,387\nEstimated Schedule Effort (organic) 4.96 months\nEstimated People Required (organic) 1.22\n───────────────────────────────────────────────────────────────────────────────\nProcessed 430710 bytes, 0.431 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "SCSS": 53532, + "Shell": 7230, + "Groovy": 4535, + "JavaScript": 1032 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@cmsgov/design-system", + 2.1616438356, + "2025-03-01T04:24:46.000" + ], + [ + "ansi-regex", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "gulp", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-clean-css", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-cli", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-minify", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-rename", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-sass", + 2.9095890411, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-sourcemaps", + 1.7287671233, + "2025-03-01T04:24:46.000" + ], + [ + "gulp-wait", + 0.0, + "2025-03-01T04:24:46.000" + ], + [ + "node-gyp", + 0.1890410959, + "2025-03-01T04:24:46.000" + ], + [ + "node-sass", + 0.5232876712, + "2025-03-01T04:24:46.000" + ], + [ + "pump", + 0.0, + "2025-03-01T04:24:46.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/bluebutton-sample-client-nodejs-react/bluebutton-sample-client-nodejs-react_data.json b/app/site/_data/CMSgov/bluebutton-sample-client-nodejs-react/bluebutton-sample-client-nodejs-react_data.json index bd761e8bae..53fb9b17c9 100644 --- a/app/site/_data/CMSgov/bluebutton-sample-client-nodejs-react/bluebutton-sample-client-nodejs-react_data.json +++ b/app/site/_data/CMSgov/bluebutton-sample-client-nodejs-react/bluebutton-sample-client-nodejs-react_data.json @@ -1,850 +1,850 @@ { - "url": "https://github.com/CMSgov/bluebutton-sample-client-nodejs-react", - "owner": "CMSgov", - "name": "bluebutton-sample-client-nodejs-react", - "description": null, - "commits_count": 133, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 66, - "open_pull_requests_count": 5, - "merged_pull_requests_count": 38, - "closed_pull_requests_count": 23, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 17, - "total_project_lines": 55804, - "average_project_lines": 1298, - "total_project_comment_lines": 68, - "average_project_comment_lines": 2, - "total_project_blank_lines": 200, - "average_blank_lines": 5, - "commits_by_month": { - "2025/1": 1, - "2024/12": 4, - "2024/10": 1, - "2024/9": 3, - "2024/8": 3, - "2024/7": 4, - "2024/6": 1, - "2024/4": 1, - "2024/1": 2, - "2023/11": 4, - "2023/2": 2, - "2022/12": 4 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-10-08T05:00:00.000Z", - 1 - ], - [ - "2025-01-06T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-09-22T19:55:37Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:42Z", - "repo": { - "name": "github.com/CMSgov/bluebutton-sample-client-nodejs-react", - "commit": "3f529c6f2677bde658702b802aa8bc6ed5994559" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 7, - "reason": "12 out of 16 merged PRs checked by a CI test -- score normalized to 7", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 4, - "reason": "5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 2915368, - "CodeBytes": 0, - "Lines": 54617, - "Code": 54616, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 18003, - "CodeBytes": 0, - "Lines": 468, - "Code": 379, - "Comment": 52, - "Blank": 37, - "Complexity": 32, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 14401, - "CodeBytes": 0, - "Lines": 248, - "Code": 154, - "Comment": 0, - "Blank": 94, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 965, - "CodeBytes": 0, - "Lines": 50, - "Code": 32, - "Comment": 3, - "Blank": 15, - "Complexity": 1, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1608, - "CodeBytes": 0, - "Lines": 74, - "Code": 69, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 665, - "CodeBytes": 0, - "Lines": 23, - "Code": 21, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 618, - "CodeBytes": 0, - "Lines": 20, - "Code": 20, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6556, - "CodeBytes": 0, - "Lines": 117, - "Code": 96, - "Comment": 0, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 67, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 5754, - "CodeBytes": 0, - "Lines": 142, - "Code": 114, - "Comment": 9, - "Blank": 19, - "Complexity": 2, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 1032, - "CodeBytes": 0, - "Lines": 41, - "Code": 32, - "Comment": 3, - "Blank": 6, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 37, - "CodeBytes": 0, - "Lines": 1, - "Code": 0, - "Comment": 1, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1672495.8923878435, - "estimatedScheduleMonths_low": 17.318311401769925, - "estimatedPeople_low": 9.408253774962743, - "estimatedCost_high": 5212227.671180165, - "estimatedScheduleMonths_high": 17.318311401769925, - "estimatedPeople_high": 9.408253774962743, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 12 54617 1 0 54616 0\n(ULOC) 976\n-------------------------------------------------------------------------------\nTypeScript 12 468 37 52 379 32\n(ULOC) 359\n-------------------------------------------------------------------------------\nMarkdown 5 248 94 0 154 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nDockerfile 3 50 15 3 32 1\n(ULOC) 31\n-------------------------------------------------------------------------------\nYAML 3 74 5 0 69 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nJavaScript 2 23 2 0 21 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nHTML 1 20 0 0 20 0\n(ULOC) 20\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPython 1 142 19 9 114 2\n(ULOC) 85\n-------------------------------------------------------------------------------\nSass 1 41 6 3 32 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nTypeScript Typings 1 1 0 1 0 0\n(ULOC) 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 43 55804 200 68 55536 35\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1796\nDRYness % 0.03\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,833,997\nEstimated Schedule Effort (organic) 17.32 months\nEstimated People Required (organic) 9.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2965074 bytes, 2.965 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/bluebutton-sample-client-nodejs-react", + "owner": "CMSgov", + "name": "bluebutton-sample-client-nodejs-react", + "description": null, + "commits_count": 133, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 66, + "open_pull_requests_count": 5, + "merged_pull_requests_count": 38, + "closed_pull_requests_count": 23, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 17, + "total_project_lines": 55804, + "average_project_lines": 1298, + "total_project_comment_lines": 68, + "average_project_comment_lines": 2, + "total_project_blank_lines": 200, + "average_blank_lines": 5, + "commits_by_month": { + "2025/1": 1, + "2024/12": 4, + "2024/10": 1, + "2024/9": 3, + "2024/8": 3, + "2024/7": 4, + "2024/6": 1, + "2024/4": 1, + "2024/1": 2, + "2023/11": 4, + "2023/2": 2, + "2022/12": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 + ], + [ + "2024-10-08T05:00:00.000Z", + 1 + ], + [ + "2025-01-06T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-09-22T19:55:37Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:42Z", + "repo": { + "name": "github.com/CMSgov/bluebutton-sample-client-nodejs-react", + "commit": "3f529c6f2677bde658702b802aa8bc6ed5994559" }, - "predominant_langs": { - "TypeScript": 18802, - "Python": 5754, - "SCSS": 1032, - "Dockerfile": 965, - "JavaScript": 665, - "HTML": 618 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "bluebutton-sample-client-nodejs-react", - "20 days 00:17:15" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@cmsgov/design-system", - 0.2602739726, - "2025-03-01T08:48:21.000" - ], - [ - "@cmsgov/design-system", - 2.3808219178, - "2024-04-04T07:41:01.000" - ], - [ - "@cmsgov/design-system", - 2.7205479452, - "2024-08-03T07:34:57.000" - ], - [ - "@eslint/compat", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "@testing-library/jest-dom", - 0.5534246575, - "2024-04-04T07:41:01.000" - ], - [ - "@testing-library/jest-dom", - 1.0136986301, - "2024-08-03T07:34:57.000" - ], - [ - "@testing-library/jest-dom", - 1.2904109589, - "2025-03-01T08:48:21.000" - ], - [ - "@testing-library/react", - 1.1315068493, - "2024-04-04T07:41:01.000" - ], - [ - "@testing-library/react", - 1.3397260274, - "2024-08-03T07:34:57.000" - ], - [ - "@testing-library/react", - 1.9589041096, - "2025-03-01T08:48:21.000" - ], - [ - "@testing-library/user-event", - 2.1945205479, - "2024-08-03T07:34:57.000" - ], - [ - "@testing-library/user-event", - 3.2602739726, - "2025-03-01T08:48:21.000" - ], - [ - "@types/express", - 0.8849315068, - "2025-01-01T18:37:05.000" - ], - [ - "@types/jest", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "@types/node", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "@types/node", - 1.8246575342, - "2024-04-04T07:41:01.000" - ], - [ - "@types/node", - 2.1534246575, - "2024-08-03T07:34:57.000" - ], - [ - "@types/react", - 0.0191780822, - "2024-04-04T07:41:01.000" - ], - [ - "@types/react", - 0.1589041096, - "2024-08-03T07:34:57.000" - ], - [ - "@types/react", - 0.1616438356, - "2025-03-01T08:48:21.000" - ], - [ - "@types/react-dom", - 0.1863013699, - "2025-03-01T08:48:21.000" - ], - [ - "@types/react-dom", - 0.3643835616, - "2024-04-04T07:41:01.000" - ], - [ - "@types/react-dom", - 0.4246575342, - "2024-08-03T07:34:57.000" - ], - [ - "@types/react-router-dom", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 0.7287671233, - "2024-04-04T07:41:01.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 1.0602739726, - "2024-08-03T07:34:57.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 1.6273972603, - "2025-03-01T08:48:21.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 3.2328767123, - "2025-01-01T18:37:05.000" - ], - [ - "@typescript-eslint/parser", - 0.7287671233, - "2024-04-04T07:41:01.000" - ], - [ - "@typescript-eslint/parser", - 1.0602739726, - "2024-08-03T07:34:57.000" - ], - [ - "@typescript-eslint/parser", - 1.6273972603, - "2025-03-01T08:48:21.000" - ], - [ - "@typescript-eslint/parser", - 3.2328767123, - "2025-01-01T18:37:05.000" - ], - [ - "@vitejs/plugin-react-swc", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "@vitest/coverage-v8", - 0.2465753425, - "2025-03-01T08:48:21.000" - ], - [ - "axios", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "cms-bluebutton-sdk", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "eslint", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "eslint", - 3.3726027397, - "2025-01-01T18:37:05.000" - ], - [ - "eslint-config-airbnb", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "eslint-config-airbnb-typescript", - 1.9178082192, - "2025-01-01T18:37:05.000" - ], - [ - "eslint-config-react-app", - -2.8493150685, - "2025-03-01T08:48:21.000" - ], - [ - "eslint-config-react-app", - 0.0, - "2024-08-03T07:34:57.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "eslint-plugin-react", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "express", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "http-proxy-middleware", - 2.9287671233, - "2024-08-03T07:34:57.000" - ], - [ - "jest", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "jsdom", - 0.298630137, - "2025-03-01T08:48:21.000" - ], - [ - "micromatch", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "node-sass", - 0.0, - "2024-04-04T07:41:01.000" - ], - [ - "process", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "react", - -1.7835616438, - "2024-04-04T07:41:01.000" - ], - [ - "react", - -0.0438356164, - "2025-03-01T08:48:21.000" - ], - [ - "react", - 0.0, - "2024-08-03T07:34:57.000" - ], - [ - "react-dom", - -1.7835616438, - "2024-04-04T07:41:01.000" - ], - [ - "react-dom", - -0.0438356164, - "2025-03-01T08:48:21.000" - ], - [ - "react-dom", - 0.0, - "2024-08-03T07:34:57.000" - ], - [ - "react-error-overlay", - 4.0328767123, - "2025-03-01T08:48:21.000" - ], - [ - "react-router-dom", - 0.9945205479, - "2024-04-04T07:41:01.000" - ], - [ - "react-router-dom", - 1.3945205479, - "2024-08-03T07:34:57.000" - ], - [ - "react-router-dom", - 1.9479452055, - "2025-03-01T08:48:21.000" - ], - [ - "react-scripts", - 0.0, - "2024-08-03T07:34:57.000" - ], - [ - "sass", - 0.3260273973, - "2024-08-03T07:34:57.000" - ], - [ - "sass", - 0.9534246575, - "2025-03-01T08:48:21.000" - ], - [ - "ts-node", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "tsconfig-paths", - 0.0, - "2025-01-01T18:37:05.000" - ], - [ - "typescript", - 1.1342465753, - "2024-04-04T07:41:01.000" - ], - [ - "typescript", - 1.4767123288, - "2024-08-03T07:34:57.000" - ], - [ - "typescript", - 1.8109589041, - "2025-01-01T18:37:05.000" - ], - [ - "typescript", - 2.0794520548, - "2025-03-01T08:48:21.000" - ], - [ - "vite", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "vite-plugin-eslint", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "vite-plugin-svgr", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "vite-tsconfig-paths", - 0.0, - "2025-03-01T08:48:21.000" - ], - [ - "vitest", - 0.0575342466, - "2025-03-01T08:48:21.000" - ], - [ - "web-vitals", - -0.002739726, - "2024-04-04T07:41:01.000" - ], - [ - "web-vitals", - 0.4739726027, - "2024-08-03T07:34:57.000" - ], - [ - "web-vitals", - 0.7397260274, - "2025-03-01T08:48:21.000" - ] + "score": 5.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 7, + "reason": "12 out of 16 merged PRs checked by a CI test -- score normalized to 7", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 4, + "reason": "5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 7, + "reason": "3 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 2915368, + "CodeBytes": 0, + "Lines": 54617, + "Code": 54616, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 18003, + "CodeBytes": 0, + "Lines": 468, + "Code": 379, + "Comment": 52, + "Blank": 37, + "Complexity": 32, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 14401, + "CodeBytes": 0, + "Lines": 248, + "Code": 154, + "Comment": 0, + "Blank": 94, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 965, + "CodeBytes": 0, + "Lines": 50, + "Code": 32, + "Comment": 3, + "Blank": 15, + "Complexity": 1, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1608, + "CodeBytes": 0, + "Lines": 74, + "Code": 69, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 665, + "CodeBytes": 0, + "Lines": 23, + "Code": 21, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 618, + "CodeBytes": 0, + "Lines": 20, + "Code": 20, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6556, + "CodeBytes": 0, + "Lines": 117, + "Code": 96, + "Comment": 0, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 67, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 5754, + "CodeBytes": 0, + "Lines": 142, + "Code": 114, + "Comment": 9, + "Blank": 19, + "Complexity": 2, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 1032, + "CodeBytes": 0, + "Lines": 41, + "Code": 32, + "Comment": 3, + "Blank": 6, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 37, + "CodeBytes": 0, + "Lines": 1, + "Code": 0, + "Comment": 1, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1672495.8923878435, + "estimatedScheduleMonths_low": 17.318311401769925, + "estimatedPeople_low": 9.408253774962743, + "estimatedCost_high": 5212227.671180165, + "estimatedScheduleMonths_high": 17.318311401769925, + "estimatedPeople_high": 9.408253774962743, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 12 54617 1 0 54616 0\n(ULOC) 976\n-------------------------------------------------------------------------------\nTypeScript 12 468 37 52 379 32\n(ULOC) 359\n-------------------------------------------------------------------------------\nMarkdown 5 248 94 0 154 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nDockerfile 3 50 15 3 32 1\n(ULOC) 31\n-------------------------------------------------------------------------------\nYAML 3 74 5 0 69 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nJavaScript 2 23 2 0 21 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nHTML 1 20 0 0 20 0\n(ULOC) 20\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPython 1 142 19 9 114 2\n(ULOC) 85\n-------------------------------------------------------------------------------\nSass 1 41 6 3 32 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nTypeScript Typings 1 1 0 1 0 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 43 55804 200 68 55536 35\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1796\nDRYness % 0.03\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,833,997\nEstimated Schedule Effort (organic) 17.32 months\nEstimated People Required (organic) 9.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2965074 bytes, 2.965 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 18802, + "Python": 5754, + "SCSS": 1032, + "Dockerfile": 965, + "JavaScript": 665, + "HTML": 618 + }, + "average_issue_resolution_time": [ + [ + "bluebutton-sample-client-nodejs-react", + "20 days 00:17:15" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@cmsgov/design-system", + 0.2602739726, + "2025-03-01T08:48:21.000" + ], + [ + "@cmsgov/design-system", + 2.3808219178, + "2024-04-04T07:41:01.000" + ], + [ + "@cmsgov/design-system", + 2.7205479452, + "2024-08-03T07:34:57.000" + ], + [ + "@eslint/compat", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "@testing-library/jest-dom", + 0.5534246575, + "2024-04-04T07:41:01.000" + ], + [ + "@testing-library/jest-dom", + 1.0136986301, + "2024-08-03T07:34:57.000" + ], + [ + "@testing-library/jest-dom", + 1.2904109589, + "2025-03-01T08:48:21.000" + ], + [ + "@testing-library/react", + 1.1315068493, + "2024-04-04T07:41:01.000" + ], + [ + "@testing-library/react", + 1.3397260274, + "2024-08-03T07:34:57.000" + ], + [ + "@testing-library/react", + 1.9589041096, + "2025-03-01T08:48:21.000" + ], + [ + "@testing-library/user-event", + 2.1945205479, + "2024-08-03T07:34:57.000" + ], + [ + "@testing-library/user-event", + 3.2602739726, + "2025-03-01T08:48:21.000" + ], + [ + "@types/express", + 0.8849315068, + "2025-01-01T18:37:05.000" + ], + [ + "@types/jest", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "@types/node", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "@types/node", + 1.8246575342, + "2024-04-04T07:41:01.000" + ], + [ + "@types/node", + 2.1534246575, + "2024-08-03T07:34:57.000" + ], + [ + "@types/react", + 0.0191780822, + "2024-04-04T07:41:01.000" + ], + [ + "@types/react", + 0.1589041096, + "2024-08-03T07:34:57.000" + ], + [ + "@types/react", + 0.1616438356, + "2025-03-01T08:48:21.000" + ], + [ + "@types/react-dom", + 0.1863013699, + "2025-03-01T08:48:21.000" + ], + [ + "@types/react-dom", + 0.3643835616, + "2024-04-04T07:41:01.000" + ], + [ + "@types/react-dom", + 0.4246575342, + "2024-08-03T07:34:57.000" + ], + [ + "@types/react-router-dom", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 0.7287671233, + "2024-04-04T07:41:01.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 1.0602739726, + "2024-08-03T07:34:57.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 1.6273972603, + "2025-03-01T08:48:21.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 3.2328767123, + "2025-01-01T18:37:05.000" + ], + [ + "@typescript-eslint/parser", + 0.7287671233, + "2024-04-04T07:41:01.000" + ], + [ + "@typescript-eslint/parser", + 1.0602739726, + "2024-08-03T07:34:57.000" + ], + [ + "@typescript-eslint/parser", + 1.6273972603, + "2025-03-01T08:48:21.000" + ], + [ + "@typescript-eslint/parser", + 3.2328767123, + "2025-01-01T18:37:05.000" + ], + [ + "@vitejs/plugin-react-swc", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "@vitest/coverage-v8", + 0.2465753425, + "2025-03-01T08:48:21.000" + ], + [ + "axios", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "cms-bluebutton-sdk", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "eslint", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "eslint", + 3.3726027397, + "2025-01-01T18:37:05.000" + ], + [ + "eslint-config-airbnb", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "eslint-config-airbnb-typescript", + 1.9178082192, + "2025-01-01T18:37:05.000" + ], + [ + "eslint-config-react-app", + -2.8493150685, + "2025-03-01T08:48:21.000" + ], + [ + "eslint-config-react-app", + 0.0, + "2024-08-03T07:34:57.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "eslint-plugin-react", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "express", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "http-proxy-middleware", + 2.9287671233, + "2024-08-03T07:34:57.000" + ], + [ + "jest", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "jsdom", + 0.298630137, + "2025-03-01T08:48:21.000" + ], + [ + "micromatch", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "node-sass", + 0.0, + "2024-04-04T07:41:01.000" + ], + [ + "process", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "react", + -1.7835616438, + "2024-04-04T07:41:01.000" + ], + [ + "react", + -0.0438356164, + "2025-03-01T08:48:21.000" + ], + [ + "react", + 0.0, + "2024-08-03T07:34:57.000" + ], + [ + "react-dom", + -1.7835616438, + "2024-04-04T07:41:01.000" + ], + [ + "react-dom", + -0.0438356164, + "2025-03-01T08:48:21.000" + ], + [ + "react-dom", + 0.0, + "2024-08-03T07:34:57.000" + ], + [ + "react-error-overlay", + 4.0328767123, + "2025-03-01T08:48:21.000" + ], + [ + "react-router-dom", + 0.9945205479, + "2024-04-04T07:41:01.000" + ], + [ + "react-router-dom", + 1.3945205479, + "2024-08-03T07:34:57.000" + ], + [ + "react-router-dom", + 1.9479452055, + "2025-03-01T08:48:21.000" + ], + [ + "react-scripts", + 0.0, + "2024-08-03T07:34:57.000" + ], + [ + "sass", + 0.3260273973, + "2024-08-03T07:34:57.000" + ], + [ + "sass", + 0.9534246575, + "2025-03-01T08:48:21.000" + ], + [ + "ts-node", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "tsconfig-paths", + 0.0, + "2025-01-01T18:37:05.000" + ], + [ + "typescript", + 1.1342465753, + "2024-04-04T07:41:01.000" + ], + [ + "typescript", + 1.4767123288, + "2024-08-03T07:34:57.000" + ], + [ + "typescript", + 1.8109589041, + "2025-01-01T18:37:05.000" + ], + [ + "typescript", + 2.0794520548, + "2025-03-01T08:48:21.000" + ], + [ + "vite", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "vite-plugin-eslint", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "vite-plugin-svgr", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "vite-tsconfig-paths", + 0.0, + "2025-03-01T08:48:21.000" + ], + [ + "vitest", + 0.0575342466, + "2025-03-01T08:48:21.000" + ], + [ + "web-vitals", + -0.002739726, + "2024-04-04T07:41:01.000" + ], + [ + "web-vitals", + 0.4739726027, + "2024-08-03T07:34:57.000" + ], + [ + "web-vitals", + 0.7397260274, + "2025-03-01T08:48:21.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/bluebutton-web-deployment/bluebutton-web-deployment_data.json b/app/site/_data/CMSgov/bluebutton-web-deployment/bluebutton-web-deployment_data.json index c96253a69a..6818a11aed 100644 --- a/app/site/_data/CMSgov/bluebutton-web-deployment/bluebutton-web-deployment_data.json +++ b/app/site/_data/CMSgov/bluebutton-web-deployment/bluebutton-web-deployment_data.json @@ -1,482 +1,482 @@ { - "url": "https://github.com/CMSgov/bluebutton-web-deployment", - "owner": "CMSgov", - "name": "bluebutton-web-deployment", - "description": "Ansible Configuration and Playbooks", - "commits_count": 3484, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1544, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1490, - "closed_pull_requests_count": 54, - "forks_count": 5, - "stargazers_count": 10, - "watchers_count": 22, - "total_project_lines": 6559, - "average_project_lines": 67, - "total_project_comment_lines": 503, - "average_project_comment_lines": 5, - "total_project_blank_lines": 964, - "average_blank_lines": 10, - "commits_by_month": { - "2025/1": 3, - "2024/11": 1, - "2024/10": 1, - "2024/9": 3, - "2024/8": 1, - "2024/6": 1, - "2024/5": 4, - "2024/4": 6, - "2024/3": 2, - "2024/2": 1, - "2024/1": 2, - "2023/11": 4, - "2023/10": 1 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-10-15T05:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/bluebutton-web-deployment", + "owner": "CMSgov", + "name": "bluebutton-web-deployment", + "description": "Ansible Configuration and Playbooks", + "commits_count": 3484, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1544, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1490, + "closed_pull_requests_count": 54, + "forks_count": 5, + "stargazers_count": 10, + "watchers_count": 22, + "total_project_lines": 6559, + "average_project_lines": 67, + "total_project_comment_lines": 503, + "average_project_comment_lines": 5, + "total_project_blank_lines": 964, + "average_blank_lines": 10, + "commits_by_month": { + "2025/1": 3, + "2024/11": 1, + "2024/10": 1, + "2024/9": 3, + "2024/8": 1, + "2024/6": 1, + "2024/5": 4, + "2024/4": 6, + "2024/3": 2, + "2024/2": 1, + "2024/1": 2, + "2023/11": 4, + "2023/10": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2017-03-15T15:25:57Z", - "ossf_scorecard": { - "date": "2025-02-23T16:39:06Z", - "repo": { - "name": "github.com/CMSgov/bluebutton-web-deployment", - "commit": "58cb4795bedfe32ac3f91c938cb9626261fe3ac7" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 30 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 8 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 2, - "reason": "3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 32708, - "CodeBytes": 0, - "Lines": 1425, - "Code": 1052, - "Comment": 63, - "Blank": 310, - "Complexity": 15, - "Count": 29, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 57316, - "CodeBytes": 0, - "Lines": 1742, - "Code": 1350, - "Comment": 201, - "Blank": 191, - "Complexity": 0, - "Count": 27, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HCL", - "Bytes": 1580, - "CodeBytes": 0, - "Lines": 67, - "Code": 44, - "Comment": 20, - "Blank": 3, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Jinja", - "Bytes": 13965, - "CodeBytes": 0, - "Lines": 353, - "Code": 316, - "Comment": 0, - "Blank": 37, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 7680, - "CodeBytes": 0, - "Lines": 246, - "Code": 181, - "Comment": 0, - "Blank": 65, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "INI", - "Bytes": 5796, - "CodeBytes": 0, - "Lines": 240, - "Code": 180, - "Comment": 16, - "Blank": 44, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Smarty Template", - "Bytes": 9623, - "CodeBytes": 0, - "Lines": 132, - "Code": 95, - "Comment": 0, - "Blank": 37, - "Complexity": 8, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 2263, - "CodeBytes": 0, - "Lines": 75, - "Code": 75, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 7922, - "CodeBytes": 0, - "Lines": 234, - "Code": 164, - "Comment": 39, - "Blank": 31, - "Complexity": 22, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Groovy", - "Bytes": 717, - "CodeBytes": 0, - "Lines": 29, - "Code": 25, - "Comment": 1, - "Blank": 3, - "Complexity": 3, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 2379, - "CodeBytes": 0, - "Lines": 73, - "Code": 58, - "Comment": 5, - "Blank": 10, - "Complexity": 3, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 18125, - "CodeBytes": 0, - "Lines": 341, - "Code": 282, - "Comment": 0, - "Blank": 59, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 67387, - "CodeBytes": 0, - "Lines": 1587, - "Code": 1257, - "Comment": 158, - "Blank": 172, - "Complexity": 269, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Systemd", - "Bytes": 325, - "CodeBytes": 0, - "Lines": 16, - "Code": 14, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 136108.13828738255, - "estimatedScheduleMonths_low": 6.675791701248766, - "estimatedPeople_low": 1.9862358869513372, - "estimatedCost_high": 424172.40477730235, - "estimatedScheduleMonths_high": 6.675791701248766, - "estimatedPeople_high": 1.9862358869513372, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 29 1425 310 63 1052 15\n(ULOC) 495\n-------------------------------------------------------------------------------\nYAML 27 1742 191 201 1350 0\n(ULOC) 783\n-------------------------------------------------------------------------------\nHCL 11 67 3 20 44 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nJinja 6 353 37 0 316 0\n(ULOC) 266\n-------------------------------------------------------------------------------\nMarkdown 6 246 65 0 181 0\n(ULOC) 159\n-------------------------------------------------------------------------------\nINI 5 240 44 16 180 0\n(ULOC) 69\n-------------------------------------------------------------------------------\nSmarty Template 5 132 37 0 95 8\n(ULOC) 28\n-------------------------------------------------------------------------------\nJSON 2 75 0 0 75 0\n(ULOC) 54\n-------------------------------------------------------------------------------\nShell 2 234 31 39 164 22\n(ULOC) 163\n-------------------------------------------------------------------------------\nGroovy 1 29 3 1 25 3\n(ULOC) 24\n-------------------------------------------------------------------------------\nJavaScript 1 73 10 5 58 3\n(ULOC) 54\n-------------------------------------------------------------------------------\nLicense 1 341 59 0 282 0\n(ULOC) 282\n-------------------------------------------------------------------------------\nPython 1 1587 172 158 1257 269\n(ULOC) 1048\n-------------------------------------------------------------------------------\nSystemd 1 16 2 0 14 0\n(ULOC) 15\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 98 6560 964 503 5093 320\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3413\nDRYness % 0.52\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $149,251\nEstimated Schedule Effort (organic) 6.68 months\nEstimated People Required (organic) 1.99\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 227786 bytes, 0.228 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-10-15T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2017-03-15T15:25:57Z", + "ossf_scorecard": { + "date": "2025-02-23T16:39:06Z", + "repo": { + "name": "github.com/CMSgov/bluebutton-web-deployment", + "commit": "58cb4795bedfe32ac3f91c938cb9626261fe3ac7" }, - "predominant_langs": { - "Python": 67387, - "HCL": 34561, - "Shell": 15172, - "Jinja": 13965, - "JavaScript": 2379, - "Smarty": 2373, - "Groovy": 717 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 30 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 8 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 2, + "reason": "3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 32708, + "CodeBytes": 0, + "Lines": 1425, + "Code": 1052, + "Comment": 63, + "Blank": 310, + "Complexity": 15, + "Count": 29, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 57316, + "CodeBytes": 0, + "Lines": 1742, + "Code": 1350, + "Comment": 201, + "Blank": 191, + "Complexity": 0, + "Count": 27, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HCL", + "Bytes": 1580, + "CodeBytes": 0, + "Lines": 67, + "Code": 44, + "Comment": 20, + "Blank": 3, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Jinja", + "Bytes": 13965, + "CodeBytes": 0, + "Lines": 353, + "Code": 316, + "Comment": 0, + "Blank": 37, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 7680, + "CodeBytes": 0, + "Lines": 246, + "Code": 181, + "Comment": 0, + "Blank": 65, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "INI", + "Bytes": 5796, + "CodeBytes": 0, + "Lines": 240, + "Code": 180, + "Comment": 16, + "Blank": 44, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Smarty Template", + "Bytes": 9623, + "CodeBytes": 0, + "Lines": 132, + "Code": 95, + "Comment": 0, + "Blank": 37, + "Complexity": 8, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 2263, + "CodeBytes": 0, + "Lines": 75, + "Code": 75, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 7922, + "CodeBytes": 0, + "Lines": 234, + "Code": 164, + "Comment": 39, + "Blank": 31, + "Complexity": 22, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Groovy", + "Bytes": 717, + "CodeBytes": 0, + "Lines": 29, + "Code": 25, + "Comment": 1, + "Blank": 3, + "Complexity": 3, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 2379, + "CodeBytes": 0, + "Lines": 73, + "Code": 58, + "Comment": 5, + "Blank": 10, + "Complexity": 3, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 18125, + "CodeBytes": 0, + "Lines": 341, + "Code": 282, + "Comment": 0, + "Blank": 59, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 67387, + "CodeBytes": 0, + "Lines": 1587, + "Code": 1257, + "Comment": 158, + "Blank": 172, + "Complexity": 269, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Systemd", + "Bytes": 325, + "CodeBytes": 0, + "Lines": 16, + "Code": 14, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 136108.13828738255, + "estimatedScheduleMonths_low": 6.675791701248766, + "estimatedPeople_low": 1.9862358869513372, + "estimatedCost_high": 424172.40477730235, + "estimatedScheduleMonths_high": 6.675791701248766, + "estimatedPeople_high": 1.9862358869513372, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 29 1425 310 63 1052 15\n(ULOC) 495\n-------------------------------------------------------------------------------\nYAML 27 1742 191 201 1350 0\n(ULOC) 783\n-------------------------------------------------------------------------------\nHCL 11 67 3 20 44 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nJinja 6 353 37 0 316 0\n(ULOC) 266\n-------------------------------------------------------------------------------\nMarkdown 6 246 65 0 181 0\n(ULOC) 159\n-------------------------------------------------------------------------------\nINI 5 240 44 16 180 0\n(ULOC) 69\n-------------------------------------------------------------------------------\nSmarty Template 5 132 37 0 95 8\n(ULOC) 28\n-------------------------------------------------------------------------------\nJSON 2 75 0 0 75 0\n(ULOC) 54\n-------------------------------------------------------------------------------\nShell 2 234 31 39 164 22\n(ULOC) 163\n-------------------------------------------------------------------------------\nGroovy 1 29 3 1 25 3\n(ULOC) 24\n-------------------------------------------------------------------------------\nJavaScript 1 73 10 5 58 3\n(ULOC) 54\n-------------------------------------------------------------------------------\nLicense 1 341 59 0 282 0\n(ULOC) 282\n-------------------------------------------------------------------------------\nPython 1 1587 172 158 1257 269\n(ULOC) 1048\n-------------------------------------------------------------------------------\nSystemd 1 16 2 0 14 0\n(ULOC) 15\n───────────────────────────────────────────────────────────────────────────────\nTotal 98 6560 964 503 5093 320\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3413\nDRYness % 0.52\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $149,251\nEstimated Schedule Effort (organic) 6.68 months\nEstimated People Required (organic) 1.99\n───────────────────────────────────────────────────────────────────────────────\nProcessed 227786 bytes, 0.228 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 67387, + "HCL": 34561, + "Shell": 15172, + "Jinja": 13965, + "JavaScript": 2379, + "Smarty": 2373, + "Groovy": 717 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/bluebutton-web-server/bluebutton-web-server_data.json b/app/site/_data/CMSgov/bluebutton-web-server/bluebutton-web-server_data.json index a7d516f87e..3284fad938 100644 --- a/app/site/_data/CMSgov/bluebutton-web-server/bluebutton-web-server_data.json +++ b/app/site/_data/CMSgov/bluebutton-web-server/bluebutton-web-server_data.json @@ -1,1301 +1,1301 @@ { - "url": "https://github.com/CMSgov/bluebutton-web-server", - "owner": "CMSgov", - "name": "bluebutton-web-server", - "description": "Blue Button API", - "commits_count": 3544, - "issues_count": 26, - "open_issues_count": 0, - "closed_issues_count": 26, - "pull_requests_count": 1270, - "open_pull_requests_count": 11, - "merged_pull_requests_count": 1041, - "closed_pull_requests_count": 218, - "forks_count": 24, - "stargazers_count": 40, - "watchers_count": 25, - "total_project_lines": 209672, - "average_project_lines": 212, - "total_project_comment_lines": 17472, - "average_project_comment_lines": 18, - "total_project_blank_lines": 10653, - "average_blank_lines": 11, - "commits_by_month": { - "2025/2": 8, - "2025/1": 8, - "2024/12": 4, - "2024/11": 10 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-09-25T05:00:00.000Z", - 1 - ], - [ - "2024-10-10T05:00:00.000Z", - 1 - ], - [ - "2024-10-25T05:00:00.000Z", - 1 - ], - [ - "2024-11-06T06:00:00.000Z", - 1 - ], - [ - "2024-11-14T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2016-01-20T21:52:00Z", - "ossf_scorecard": { - "date": "2025-02-23T16:35:24Z", - "repo": { - "name": "github.com/CMSgov/bluebutton-web-server", - "commit": "cfba1447b1ffa441b4258ffb923507e7b995dc68" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.8, - "checks": [ - { - "details": null, - "score": 0, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 21 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "17 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 9, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Python", - "Bytes": 2653263, - "CodeBytes": 0, - "Lines": 66007, - "Code": 57092, - "Comment": 3759, - "Blank": 5156, - "Complexity": 1879, - "Count": 433, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 296548, - "CodeBytes": 0, - "Lines": 9180, - "Code": 5189, - "Comment": 3264, - "Blank": 727, - "Complexity": 0, - "Count": 95, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 4118952, - "CodeBytes": 0, - "Lines": 5621, - "Code": 4122, - "Comment": 488, - "Blank": 1011, - "Complexity": 909, - "Count": 83, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 300735, - "CodeBytes": 0, - "Lines": 6283, - "Code": 5072, - "Comment": 427, - "Blank": 784, - "Complexity": 0, - "Count": 78, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSX", - "Bytes": 176193, - "CodeBytes": 0, - "Lines": 6278, - "Code": 4737, - "Comment": 735, - "Blank": 806, - "Complexity": 172, - "Count": 66, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 616067, - "CodeBytes": 0, - "Lines": 3453, - "Code": 3443, - "Comment": 10, - "Blank": 0, - "Complexity": 0, - "Count": 38, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 2089596, - "CodeBytes": 0, - "Lines": 43052, - "Code": 43052, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 36, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 45563, - "CodeBytes": 0, - "Lines": 846, - "Code": 723, - "Comment": 25, - "Blank": 98, - "Complexity": 44, - "Count": 33, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 6537, - "CodeBytes": 0, - "Lines": 165, - "Code": 140, - "Comment": 25, - "Blank": 0, - "Complexity": 2, - "Count": 29, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 56210, - "CodeBytes": 0, - "Lines": 1490, - "Code": 1054, - "Comment": 0, - "Blank": 436, - "Complexity": 0, - "Count": 22, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "LESS", - "Bytes": 78976, - "CodeBytes": 0, - "Lines": 1836, - "Code": 1758, - "Comment": 44, - "Blank": 34, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 110831, - "CodeBytes": 0, - "Lines": 1682, - "Code": 1643, - "Comment": 0, - "Blank": 39, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1773072, - "CodeBytes": 0, - "Lines": 35075, - "Code": 34730, - "Comment": 42, - "Blank": 303, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 1171490, - "CodeBytes": 0, - "Lines": 23076, - "Code": 13594, - "Comment": 8399, - "Blank": 1083, - "Complexity": 0, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 51883, - "CodeBytes": 0, - "Lines": 1326, - "Code": 946, - "Comment": 221, - "Blank": 159, - "Complexity": 122, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 210667, - "CodeBytes": 0, - "Lines": 4361, - "Code": 4314, - "Comment": 20, - "Blank": 27, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Autoconf", - "Bytes": 916, - "CodeBytes": 0, - "Lines": 66, - "Code": 54, - "Comment": 8, - "Blank": 4, - "Complexity": 4, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 688, - "CodeBytes": 0, - "Lines": 23, - "Code": 23, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 2565, - "CodeBytes": 0, - "Lines": 49, - "Code": 25, - "Comment": 12, - "Blank": 12, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 3875, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 103, - "CodeBytes": 0, - "Lines": 7, - "Code": 6, - "Comment": 1, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11576, - "CodeBytes": 0, - "Lines": 207, - "Code": 173, - "Comment": 0, - "Blank": 34, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 846, - "CodeBytes": 0, - "Lines": 17, - "Code": 11, - "Comment": 2, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 5812909.859181962, - "estimatedScheduleMonths_low": 27.803302529810132, - "estimatedPeople_low": 20.367921435201794, - "estimatedCost_high": 18115565.937113952, - "estimatedScheduleMonths_high": 27.803302529810132, - "estimatedPeople_high": 20.367921435201794, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPython 433 66007 5156 3759 57092 1879\n(ULOC) 20735\n-------------------------------------------------------------------------------\nSass 95 9180 727 3264 5189 0\n(ULOC) 5672\n-------------------------------------------------------------------------------\nJavaScript 83 5621 1011 488 4122 909\n(ULOC) 2843\n-------------------------------------------------------------------------------\nHTML 78 6283 784 427 5072 0\n(ULOC) 3008\n-------------------------------------------------------------------------------\nJSX 66 6278 806 735 4737 172\n(ULOC) 3125\n-------------------------------------------------------------------------------\nSVG 38 3453 0 10 3443 0\n(ULOC) 3131\n-------------------------------------------------------------------------------\nJSON 36 43052 0 0 43052 0\n(ULOC) 2841\n-------------------------------------------------------------------------------\nTypeScript 33 846 98 25 723 44\n(ULOC) 501\n-------------------------------------------------------------------------------\nTypeScript Typings 29 165 0 25 140 2\n(ULOC) 119\n-------------------------------------------------------------------------------\nMarkdown 22 1490 436 0 1054 0\n(ULOC) 814\n-------------------------------------------------------------------------------\nLESS 14 1836 34 44 1758 0\n(ULOC) 1747\n-------------------------------------------------------------------------------\nPlain Text 14 1682 39 0 1643 0\n(ULOC) 872\n-------------------------------------------------------------------------------\nYAML 13 35075 303 42 34730 0\n(ULOC) 2655\n-------------------------------------------------------------------------------\nCSS 12 23076 1083 8399 13594 0\n(ULOC) 9126\n-------------------------------------------------------------------------------\nShell 11 1326 159 221 946 122\n(ULOC) 775\n-------------------------------------------------------------------------------\nXML 7 4361 27 20 4314 0\n(ULOC) 966\n-------------------------------------------------------------------------------\nAutoconf 2 66 4 8 54 4\n(ULOC) 63\n-------------------------------------------------------------------------------\nDockerfile 2 23 0 0 23 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nSQL 2 49 12 12 25 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nCSV 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDocker ignore 1 7 0 1 6 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nLicense 1 207 34 0 173 0\n(ULOC) 172\n-------------------------------------------------------------------------------\nMakefile 1 17 4 2 11 0\n(ULOC) 14\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 994 210102 10717 17482 181903 3132\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 56904\nDRYness % 0.27\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $6,374,221\nEstimated Schedule Effort (organic) 27.80 months\nEstimated People Required (organic) 20.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 13777152 bytes, 13.777 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/bluebutton-web-server", + "owner": "CMSgov", + "name": "bluebutton-web-server", + "description": "Blue Button API", + "commits_count": 3544, + "issues_count": 26, + "open_issues_count": 0, + "closed_issues_count": 26, + "pull_requests_count": 1270, + "open_pull_requests_count": 11, + "merged_pull_requests_count": 1041, + "closed_pull_requests_count": 218, + "forks_count": 24, + "stargazers_count": 40, + "watchers_count": 25, + "total_project_lines": 209672, + "average_project_lines": 212, + "total_project_comment_lines": 17472, + "average_project_comment_lines": 18, + "total_project_blank_lines": 10653, + "average_blank_lines": 11, + "commits_by_month": { + "2025/2": 8, + "2025/1": 8, + "2024/12": 4, + "2024/11": 10 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 + ], + [ + "2024-09-20T05:00:00.000Z", + 1 + ], + [ + "2024-09-23T05:00:00.000Z", + 1 + ], + [ + "2024-09-25T05:00:00.000Z", + 1 + ], + [ + "2024-10-10T05:00:00.000Z", + 1 + ], + [ + "2024-10-25T05:00:00.000Z", + 1 + ], + [ + "2024-11-06T06:00:00.000Z", + 1 + ], + [ + "2024-11-14T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2016-01-20T21:52:00Z", + "ossf_scorecard": { + "date": "2025-02-23T16:35:24Z", + "repo": { + "name": "github.com/CMSgov/bluebutton-web-server", + "commit": "cfba1447b1ffa441b4258ffb923507e7b995dc68" }, - "predominant_langs": { - "Python": 2654402, - "CSS": 491955, - "HTML": 291338, - "JavaScript": 290846, - "SCSS": 211534, - "Shell": 51883, - "TypeScript": 45563, - "PLpgSQL": 2565, - "Makefile": 846, - "Dockerfile": 688 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "bluebutton-web-server", - "319 days 25:36:18.884615" - ] - ], - "repo_dependency_libyear_list": [ - [ - "This", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "WARNING", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "asgiref", - 1.2547945205, - "2025-03-01T19:05:16.000" - ], - [ - "attrs", - 0.7068493151, - "2024-04-13T01:23:56.000" - ], - [ - "attrs", - 1.3095890411, - "2024-10-16T23:09:43.000" - ], - [ - "attrs", - 1.7808219178, - "2025-03-01T19:05:16.000" - ], - [ - "backports-zoneinfo", - 0.0, - "2024-10-16T23:09:43.000" - ], - [ - "beautifulsoup4", - 0.7808219178, - "2024-10-16T23:09:43.000" - ], - [ - "beautifulsoup4", - 1.8328767123, - "2025-03-01T19:05:16.000" - ], - [ - "boto3", - 0.9205479452, - "2024-04-13T01:23:56.000" - ], - [ - "boto3", - 1.301369863, - "2024-08-29T08:59:33.000" - ], - [ - "boto3", - 1.4328767123, - "2024-10-16T23:09:43.000" - ], - [ - "boto3", - 1.8054794521, - "2025-03-01T19:05:16.000" - ], - [ - "botocore", - 0.7835616438, - "2024-04-13T01:23:56.000" - ], - [ - "botocore", - 1.1643835616, - "2024-08-29T08:59:33.000" - ], - [ - "botocore", - 1.295890411, - "2024-10-16T23:09:43.000" - ], - [ - "botocore", - 1.6684931507, - "2025-03-01T19:05:16.000" - ], - [ - "by", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "certifi", - 0.0, - "2024-08-29T08:59:33.000" - ], - [ - "certifi", - 0.1561643836, - "2024-10-16T23:09:43.000" - ], - [ - "certifi", - 0.5315068493, - "2024-04-13T01:23:56.000" - ], - [ - "certifi", - 0.5780821918, - "2025-03-01T19:05:16.000" - ], - [ - "cffi", - 1.2438356164, - "2024-04-13T01:23:56.000" - ], - [ - "cffi", - 2.101369863, - "2024-08-29T08:59:33.000" - ], - [ - "cffi", - 2.1835616438, - "2025-03-01T19:05:16.000" - ], - [ - "charset-normalizer", - 0.6547945205, - "2024-08-29T08:59:33.000" - ], - [ - "charset-normalizer", - 1.5945205479, - "2024-10-16T23:09:43.000" - ], - [ - "charset-normalizer", - 1.8054794521, - "2025-03-01T19:05:16.000" - ], - [ - "configparser", - 1.5150684932, - "2024-04-13T01:23:56.000" - ], - [ - "configparser", - 2.0, - "2025-03-01T19:05:16.000" - ], - [ - "cryptography", - 0.202739726, - "2024-08-29T08:59:33.000" - ], - [ - "cryptography", - 0.2410958904, - "2024-04-13T01:23:56.000" - ], - [ - "cryptography", - 0.2575342466, - "2025-03-01T19:05:16.000" - ], - [ - "cryptography", - 0.3287671233, - "2024-10-16T23:09:43.000" - ], - [ - "deprecated", - 1.7232876712, - "2024-04-13T01:23:56.000" - ], - [ - "dj-database-url", - 0.298630137, - "2024-04-13T01:23:56.000" - ], - [ - "dj-database-url", - 1.0849315068, - "2024-10-16T23:09:43.000" - ], - [ - "dj-database-url", - 1.4904109589, - "2025-03-01T19:05:16.000" - ], - [ - "django", - 0.0, - "2024-10-16T23:09:43.000" - ], - [ - "django", - 0.1698630137, - "2025-03-01T19:05:16.000" - ], - [ - "django", - 0.4219178082, - "2024-04-13T01:23:56.000" - ], - [ - "django-axes", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-bootstrap-form", - 0.0, - "2024-08-29T08:59:33.000" - ], - [ - "django-bootstrap-v5", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-cors-headers", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-filter", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-getenv", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-ipware", - 1.104109589, - "2024-04-13T01:23:56.000" - ], - [ - "django-ipware", - 1.1260273973, - "2025-03-01T19:05:16.000" - ], - [ - "django-localflavor", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-oauth-toolkit", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-ses", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-settings-export", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-storages", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "django-waffle", - 1.2794520548, - "2024-10-16T23:09:43.000" - ], - [ - "django-waffle", - 2.2136986301, - "2025-03-01T19:05:16.000" - ], - [ - "djangorestframework", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "djangorestframework-csv", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "djangorestframework-yaml", - 0.0, - "2024-08-29T08:59:33.000" - ], - [ - "hash", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "idna", - 0.3671232877, - "2024-08-29T08:59:33.000" - ], - [ - "idna", - 0.4301369863, - "2025-03-01T19:05:16.000" - ], - [ - "idna", - 1.5753424658, - "2024-04-13T01:23:56.000" - ], - [ - "importlib-metadata", - 0.9123287671, - "2024-04-13T01:23:56.000" - ], - [ - "importlib-metadata", - 1.3315068493, - "2024-08-29T08:59:33.000" - ], - [ - "importlib-metadata", - 1.3917808219, - "2024-10-16T23:09:43.000" - ], - [ - "importlib-metadata", - 1.7506849315, - "2025-03-01T19:05:16.000" - ], - [ - "importlib-resources", - 1.0876712329, - "2024-04-13T01:23:56.000" - ], - [ - "importlib-resources", - 1.5068493151, - "2024-08-29T08:59:33.000" - ], - [ - "importlib-resources", - 1.5589041096, - "2024-10-16T23:09:43.000" - ], - [ - "importlib-resources", - 1.8767123288, - "2025-03-01T19:05:16.000" - ], - [ - "jmespath", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "jsonschema", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "jwcrypto", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "newrelic", - 0.9945205479, - "2024-04-13T01:23:56.000" - ], - [ - "newrelic", - 1.3616438356, - "2024-08-29T08:59:33.000" - ], - [ - "newrelic", - 1.5479452055, - "2024-10-16T23:09:43.000" - ], - [ - "newrelic", - 1.8602739726, - "2025-03-01T19:05:16.000" - ], - [ - "oauthlib", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "pillow", - 0.2465753425, - "2024-08-29T08:59:33.000" - ], - [ - "pillow", - 0.5397260274, - "2024-10-16T23:09:43.000" - ], - [ - "pillow", - 0.7534246575, - "2025-03-01T19:05:16.000" - ], - [ - "pinned", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "pip-compile", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "pip-tools", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "pkgutil-resolve-name", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "psycopg2-binary", - 0.501369863, - "2024-08-29T08:59:33.000" - ], - [ - "psycopg2-binary", - 1.5369863014, - "2025-03-01T19:05:16.000" - ], - [ - "py", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "pycparser", - 2.397260274, - "2025-03-01T19:05:16.000" - ], - [ - "pyjwt", - 0.1890410959, - "2024-04-13T01:23:56.000" - ], - [ - "pyjwt", - 1.2301369863, - "2024-10-16T23:09:43.000" - ], - [ - "pyjwt", - 1.5561643836, - "2025-03-01T19:05:16.000" - ], - [ - "pyrsistent", - 0.8219178082, - "2025-03-01T19:05:16.000" - ], - [ - "python-dateutil", - 2.6328767123, - "2025-03-01T19:05:16.000" - ], - [ - "python-dotenv", - 0.9095890411, - "2025-03-01T19:05:16.000" - ], - [ - "python-openid", - 0.0, - "2024-08-29T08:59:33.000" - ], - [ - "python-stdnum", - 1.3424657534, - "2025-03-01T19:05:16.000" - ], - [ - "pytz", - 0.8465753425, - "2024-08-29T08:59:33.000" - ], - [ - "pytz", - 1.4547945205, - "2024-10-16T23:09:43.000" - ], - [ - "pytz", - 1.8438356164, - "2025-03-01T19:05:16.000" - ], - [ - "pyyaml", - 1.0547945205, - "2025-03-01T19:05:16.000" - ], - [ - "pyyaml", - 1.7589041096, - "2024-04-13T01:23:56.000" - ], - [ - "requests", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "requests-oauthlib", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "requirements", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "requirements.in", - -1.0, - "2024-08-29T08:59:33.000" - ], - [ - "s3transfer", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "satisfied", - -1.0, - "2025-03-01T19:05:16.000" - ], - [ - "setuptools", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "six", - 0.0, - "2024-10-16T23:09:43.000" - ], - [ - "six", - 3.5863013699, - "2025-03-01T19:05:16.000" - ], - [ - "soupsieve", - 1.3260273973, - "2025-03-01T19:05:16.000" - ], - [ - "sqlparse", - 0.0, - "2024-04-13T01:23:56.000" - ], - [ - "sqlparse", - 0.2547945205, - "2024-10-16T23:09:43.000" - ], - [ - "sqlparse", - 0.6575342466, - "2025-03-01T19:05:16.000" - ], - [ - "trusted-host", - -1.0, - "2024-04-13T01:23:56.000" - ], - [ - "typing-extensions", - 1.1369863014, - "2024-04-13T01:23:56.000" - ], - [ - "typing-extensions", - 1.3095890411, - "2025-03-01T19:05:16.000" - ], - [ - "unicodecsv", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "urllib3", - -0.002739726, - "2024-08-29T08:59:33.000" - ], - [ - "urllib3", - 0.2356164384, - "2024-10-16T23:09:43.000" - ], - [ - "urllib3", - 0.3369863014, - "2024-04-13T01:23:56.000" - ], - [ - "urllib3", - 0.5123287671, - "2025-03-01T19:05:16.000" - ], - [ - "via", - 0.0, - "2025-03-01T19:05:16.000" - ], - [ - "voluptuous", - 1.8246575342, - "2024-04-13T01:23:56.000" - ], - [ - "voluptuous", - 2.2383561644, - "2025-03-01T19:05:16.000" - ], - [ - "wrapt", - 0.698630137, - "2024-04-13T01:23:56.000" - ], - [ - "zipp", - 0.2273972603, - "2024-08-29T08:59:33.000" - ], - [ - "zipp", - 0.2739726027, - "2024-10-16T23:09:43.000" - ], - [ - "zipp", - 0.4328767123, - "2025-03-01T19:05:16.000" - ], - [ - "zipp", - 1.0493150685, - "2024-04-13T01:23:56.000" - ] + "score": 6.8, + "checks": [ + { + "details": null, + "score": 0, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 21 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "17 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 9, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 7, + "reason": "3 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Python", + "Bytes": 2654402, + "CodeBytes": 0, + "Lines": 66012, + "Code": 57097, + "Comment": 3759, + "Blank": 5156, + "Complexity": 1879, + "Count": 433, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 296548, + "CodeBytes": 0, + "Lines": 9180, + "Code": 5189, + "Comment": 3264, + "Blank": 727, + "Complexity": 0, + "Count": 95, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 4118952, + "CodeBytes": 0, + "Lines": 5621, + "Code": 4122, + "Comment": 488, + "Blank": 1011, + "Complexity": 909, + "Count": 83, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 300735, + "CodeBytes": 0, + "Lines": 6283, + "Code": 5072, + "Comment": 427, + "Blank": 784, + "Complexity": 0, + "Count": 78, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSX", + "Bytes": 176193, + "CodeBytes": 0, + "Lines": 6278, + "Code": 4737, + "Comment": 735, + "Blank": 806, + "Complexity": 172, + "Count": 66, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 616067, + "CodeBytes": 0, + "Lines": 3453, + "Code": 3443, + "Comment": 10, + "Blank": 0, + "Complexity": 0, + "Count": 38, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 2089596, + "CodeBytes": 0, + "Lines": 43052, + "Code": 43052, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 36, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 45563, + "CodeBytes": 0, + "Lines": 846, + "Code": 723, + "Comment": 25, + "Blank": 98, + "Complexity": 44, + "Count": 33, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 6537, + "CodeBytes": 0, + "Lines": 165, + "Code": 140, + "Comment": 25, + "Blank": 0, + "Complexity": 2, + "Count": 29, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 56210, + "CodeBytes": 0, + "Lines": 1490, + "Code": 1054, + "Comment": 0, + "Blank": 436, + "Complexity": 0, + "Count": 22, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "LESS", + "Bytes": 78976, + "CodeBytes": 0, + "Lines": 1836, + "Code": 1758, + "Comment": 44, + "Blank": 34, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 110831, + "CodeBytes": 0, + "Lines": 1682, + "Code": 1643, + "Comment": 0, + "Blank": 39, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1773072, + "CodeBytes": 0, + "Lines": 35075, + "Code": 34730, + "Comment": 42, + "Blank": 303, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 1171490, + "CodeBytes": 0, + "Lines": 23076, + "Code": 13594, + "Comment": 8399, + "Blank": 1083, + "Complexity": 0, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 51883, + "CodeBytes": 0, + "Lines": 1326, + "Code": 946, + "Comment": 221, + "Blank": 159, + "Complexity": 122, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 210667, + "CodeBytes": 0, + "Lines": 4361, + "Code": 4314, + "Comment": 20, + "Blank": 27, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Autoconf", + "Bytes": 916, + "CodeBytes": 0, + "Lines": 66, + "Code": 54, + "Comment": 8, + "Blank": 4, + "Complexity": 4, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 688, + "CodeBytes": 0, + "Lines": 23, + "Code": 23, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 2565, + "CodeBytes": 0, + "Lines": 49, + "Code": 25, + "Comment": 12, + "Blank": 12, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 3875, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 103, + "CodeBytes": 0, + "Lines": 7, + "Code": 6, + "Comment": 1, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11576, + "CodeBytes": 0, + "Lines": 207, + "Code": 173, + "Comment": 0, + "Blank": 34, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 846, + "CodeBytes": 0, + "Lines": 17, + "Code": 11, + "Comment": 2, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 5813077.628804957, + "estimatedScheduleMonths_low": 27.803607456778888, + "estimatedPeople_low": 20.368285900143427, + "estimatedCost_high": 18116088.78053338, + "estimatedScheduleMonths_high": 27.803607456778888, + "estimatedPeople_high": 20.368285900143427, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPython 433 66012 5156 3759 57097 1879\n(ULOC) 20739\n-------------------------------------------------------------------------------\nSass 95 9180 727 3264 5189 0\n(ULOC) 5672\n-------------------------------------------------------------------------------\nJavaScript 83 5621 1011 488 4122 909\n(ULOC) 2843\n-------------------------------------------------------------------------------\nHTML 78 6283 784 427 5072 0\n(ULOC) 3008\n-------------------------------------------------------------------------------\nJSX 66 6278 806 735 4737 172\n(ULOC) 3125\n-------------------------------------------------------------------------------\nSVG 38 3453 0 10 3443 0\n(ULOC) 3131\n-------------------------------------------------------------------------------\nJSON 36 43052 0 0 43052 0\n(ULOC) 2841\n-------------------------------------------------------------------------------\nTypeScript 33 846 98 25 723 44\n(ULOC) 501\n-------------------------------------------------------------------------------\nTypeScript Typings 29 165 0 25 140 2\n(ULOC) 119\n-------------------------------------------------------------------------------\nMarkdown 22 1490 436 0 1054 0\n(ULOC) 814\n-------------------------------------------------------------------------------\nLESS 14 1836 34 44 1758 0\n(ULOC) 1747\n-------------------------------------------------------------------------------\nPlain Text 14 1682 39 0 1643 0\n(ULOC) 872\n-------------------------------------------------------------------------------\nYAML 13 35075 303 42 34730 0\n(ULOC) 2655\n-------------------------------------------------------------------------------\nCSS 12 23076 1083 8399 13594 0\n(ULOC) 9126\n-------------------------------------------------------------------------------\nShell 11 1326 159 221 946 122\n(ULOC) 775\n-------------------------------------------------------------------------------\nXML 7 4361 27 20 4314 0\n(ULOC) 966\n-------------------------------------------------------------------------------\nAutoconf 2 66 4 8 54 4\n(ULOC) 63\n-------------------------------------------------------------------------------\nDockerfile 2 23 0 0 23 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nSQL 2 49 12 12 25 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nCSV 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDocker ignore 1 7 0 1 6 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nLicense 1 207 34 0 173 0\n(ULOC) 172\n-------------------------------------------------------------------------------\nMakefile 1 17 4 2 11 0\n(ULOC) 14\n───────────────────────────────────────────────────────────────────────────────\nTotal 994 210107 10717 17482 181908 3132\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 56908\nDRYness % 0.27\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $6,374,405\nEstimated Schedule Effort (organic) 27.80 months\nEstimated People Required (organic) 20.37\n───────────────────────────────────────────────────────────────────────────────\nProcessed 13778291 bytes, 13.778 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 2654402, + "CSS": 491955, + "HTML": 291338, + "JavaScript": 290846, + "SCSS": 211534, + "Shell": 51883, + "TypeScript": 45563, + "PLpgSQL": 2565, + "Makefile": 846, + "Dockerfile": 688 + }, + "average_issue_resolution_time": [ + [ + "bluebutton-web-server", + "319 days 25:36:18.884615" + ] + ], + "repo_dependency_libyear_list": [ + [ + "This", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "WARNING", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "asgiref", + 1.2547945205, + "2025-03-01T19:05:16.000" + ], + [ + "attrs", + 0.7068493151, + "2024-04-13T01:23:56.000" + ], + [ + "attrs", + 1.3095890411, + "2024-10-16T23:09:43.000" + ], + [ + "attrs", + 1.7808219178, + "2025-03-01T19:05:16.000" + ], + [ + "backports-zoneinfo", + 0.0, + "2024-10-16T23:09:43.000" + ], + [ + "beautifulsoup4", + 0.7808219178, + "2024-10-16T23:09:43.000" + ], + [ + "beautifulsoup4", + 1.8328767123, + "2025-03-01T19:05:16.000" + ], + [ + "boto3", + 0.9205479452, + "2024-04-13T01:23:56.000" + ], + [ + "boto3", + 1.301369863, + "2024-08-29T08:59:33.000" + ], + [ + "boto3", + 1.4328767123, + "2024-10-16T23:09:43.000" + ], + [ + "boto3", + 1.8054794521, + "2025-03-01T19:05:16.000" + ], + [ + "botocore", + 0.7835616438, + "2024-04-13T01:23:56.000" + ], + [ + "botocore", + 1.1643835616, + "2024-08-29T08:59:33.000" + ], + [ + "botocore", + 1.295890411, + "2024-10-16T23:09:43.000" + ], + [ + "botocore", + 1.6684931507, + "2025-03-01T19:05:16.000" + ], + [ + "by", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "certifi", + 0.0, + "2024-08-29T08:59:33.000" + ], + [ + "certifi", + 0.1561643836, + "2024-10-16T23:09:43.000" + ], + [ + "certifi", + 0.5315068493, + "2024-04-13T01:23:56.000" + ], + [ + "certifi", + 0.5780821918, + "2025-03-01T19:05:16.000" + ], + [ + "cffi", + 1.2438356164, + "2024-04-13T01:23:56.000" + ], + [ + "cffi", + 2.101369863, + "2024-08-29T08:59:33.000" + ], + [ + "cffi", + 2.1835616438, + "2025-03-01T19:05:16.000" + ], + [ + "charset-normalizer", + 0.6547945205, + "2024-08-29T08:59:33.000" + ], + [ + "charset-normalizer", + 1.5945205479, + "2024-10-16T23:09:43.000" + ], + [ + "charset-normalizer", + 1.8054794521, + "2025-03-01T19:05:16.000" + ], + [ + "configparser", + 1.5150684932, + "2024-04-13T01:23:56.000" + ], + [ + "configparser", + 2.0, + "2025-03-01T19:05:16.000" + ], + [ + "cryptography", + 0.202739726, + "2024-08-29T08:59:33.000" + ], + [ + "cryptography", + 0.2410958904, + "2024-04-13T01:23:56.000" + ], + [ + "cryptography", + 0.2575342466, + "2025-03-01T19:05:16.000" + ], + [ + "cryptography", + 0.3287671233, + "2024-10-16T23:09:43.000" + ], + [ + "deprecated", + 1.7232876712, + "2024-04-13T01:23:56.000" + ], + [ + "dj-database-url", + 0.298630137, + "2024-04-13T01:23:56.000" + ], + [ + "dj-database-url", + 1.0849315068, + "2024-10-16T23:09:43.000" + ], + [ + "dj-database-url", + 1.4904109589, + "2025-03-01T19:05:16.000" + ], + [ + "django", + 0.0, + "2024-10-16T23:09:43.000" + ], + [ + "django", + 0.1698630137, + "2025-03-01T19:05:16.000" + ], + [ + "django", + 0.4219178082, + "2024-04-13T01:23:56.000" + ], + [ + "django-axes", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-bootstrap-form", + 0.0, + "2024-08-29T08:59:33.000" + ], + [ + "django-bootstrap-v5", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-cors-headers", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-filter", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-getenv", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-ipware", + 1.104109589, + "2024-04-13T01:23:56.000" + ], + [ + "django-ipware", + 1.1260273973, + "2025-03-01T19:05:16.000" + ], + [ + "django-localflavor", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-oauth-toolkit", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-ses", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-settings-export", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-storages", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "django-waffle", + 1.2794520548, + "2024-10-16T23:09:43.000" + ], + [ + "django-waffle", + 2.2136986301, + "2025-03-01T19:05:16.000" + ], + [ + "djangorestframework", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "djangorestframework-csv", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "djangorestframework-yaml", + 0.0, + "2024-08-29T08:59:33.000" + ], + [ + "hash", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "idna", + 0.3671232877, + "2024-08-29T08:59:33.000" + ], + [ + "idna", + 0.4301369863, + "2025-03-01T19:05:16.000" + ], + [ + "idna", + 1.5753424658, + "2024-04-13T01:23:56.000" + ], + [ + "importlib-metadata", + 0.9123287671, + "2024-04-13T01:23:56.000" + ], + [ + "importlib-metadata", + 1.3315068493, + "2024-08-29T08:59:33.000" + ], + [ + "importlib-metadata", + 1.3917808219, + "2024-10-16T23:09:43.000" + ], + [ + "importlib-metadata", + 1.7506849315, + "2025-03-01T19:05:16.000" + ], + [ + "importlib-resources", + 1.0876712329, + "2024-04-13T01:23:56.000" + ], + [ + "importlib-resources", + 1.5068493151, + "2024-08-29T08:59:33.000" + ], + [ + "importlib-resources", + 1.5589041096, + "2024-10-16T23:09:43.000" + ], + [ + "importlib-resources", + 1.8767123288, + "2025-03-01T19:05:16.000" + ], + [ + "jmespath", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "jsonschema", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "jwcrypto", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "newrelic", + 0.9945205479, + "2024-04-13T01:23:56.000" + ], + [ + "newrelic", + 1.3616438356, + "2024-08-29T08:59:33.000" + ], + [ + "newrelic", + 1.5479452055, + "2024-10-16T23:09:43.000" + ], + [ + "newrelic", + 1.8602739726, + "2025-03-01T19:05:16.000" + ], + [ + "oauthlib", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "pillow", + 0.2465753425, + "2024-08-29T08:59:33.000" + ], + [ + "pillow", + 0.5397260274, + "2024-10-16T23:09:43.000" + ], + [ + "pillow", + 0.7534246575, + "2025-03-01T19:05:16.000" + ], + [ + "pinned", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "pip-compile", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "pip-tools", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "pkgutil-resolve-name", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "psycopg2-binary", + 0.501369863, + "2024-08-29T08:59:33.000" + ], + [ + "psycopg2-binary", + 1.5369863014, + "2025-03-01T19:05:16.000" + ], + [ + "py", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "pycparser", + 2.397260274, + "2025-03-01T19:05:16.000" + ], + [ + "pyjwt", + 0.1890410959, + "2024-04-13T01:23:56.000" + ], + [ + "pyjwt", + 1.2301369863, + "2024-10-16T23:09:43.000" + ], + [ + "pyjwt", + 1.5561643836, + "2025-03-01T19:05:16.000" + ], + [ + "pyrsistent", + 0.8219178082, + "2025-03-01T19:05:16.000" + ], + [ + "python-dateutil", + 2.6328767123, + "2025-03-01T19:05:16.000" + ], + [ + "python-dotenv", + 0.9095890411, + "2025-03-01T19:05:16.000" + ], + [ + "python-openid", + 0.0, + "2024-08-29T08:59:33.000" + ], + [ + "python-stdnum", + 1.3424657534, + "2025-03-01T19:05:16.000" + ], + [ + "pytz", + 0.8465753425, + "2024-08-29T08:59:33.000" + ], + [ + "pytz", + 1.4547945205, + "2024-10-16T23:09:43.000" + ], + [ + "pytz", + 1.8438356164, + "2025-03-01T19:05:16.000" + ], + [ + "pyyaml", + 1.0547945205, + "2025-03-01T19:05:16.000" + ], + [ + "pyyaml", + 1.7589041096, + "2024-04-13T01:23:56.000" + ], + [ + "requests", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "requests-oauthlib", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "requirements", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "requirements.in", + -1.0, + "2024-08-29T08:59:33.000" + ], + [ + "s3transfer", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "satisfied", + -1.0, + "2025-03-01T19:05:16.000" + ], + [ + "setuptools", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "six", + 0.0, + "2024-10-16T23:09:43.000" + ], + [ + "six", + 3.5863013699, + "2025-03-01T19:05:16.000" + ], + [ + "soupsieve", + 1.3260273973, + "2025-03-01T19:05:16.000" + ], + [ + "sqlparse", + 0.0, + "2024-04-13T01:23:56.000" + ], + [ + "sqlparse", + 0.2547945205, + "2024-10-16T23:09:43.000" + ], + [ + "sqlparse", + 0.6575342466, + "2025-03-01T19:05:16.000" + ], + [ + "trusted-host", + -1.0, + "2024-04-13T01:23:56.000" + ], + [ + "typing-extensions", + 1.1369863014, + "2024-04-13T01:23:56.000" + ], + [ + "typing-extensions", + 1.3095890411, + "2025-03-01T19:05:16.000" + ], + [ + "unicodecsv", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "urllib3", + -0.002739726, + "2024-08-29T08:59:33.000" + ], + [ + "urllib3", + 0.2356164384, + "2024-10-16T23:09:43.000" + ], + [ + "urllib3", + 0.3369863014, + "2024-04-13T01:23:56.000" + ], + [ + "urllib3", + 0.5123287671, + "2025-03-01T19:05:16.000" + ], + [ + "via", + 0.0, + "2025-03-01T19:05:16.000" + ], + [ + "voluptuous", + 1.8246575342, + "2024-04-13T01:23:56.000" + ], + [ + "voluptuous", + 2.2383561644, + "2025-03-01T19:05:16.000" + ], + [ + "wrapt", + 0.698630137, + "2024-04-13T01:23:56.000" + ], + [ + "zipp", + 0.2273972603, + "2024-08-29T08:59:33.000" + ], + [ + "zipp", + 0.2739726027, + "2024-10-16T23:09:43.000" + ], + [ + "zipp", + 0.4328767123, + "2025-03-01T19:05:16.000" + ], + [ + "zipp", + 1.0493150685, + "2024-04-13T01:23:56.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/certwatcher/certwatcher_data.json b/app/site/_data/CMSgov/certwatcher/certwatcher_data.json index eb08461387..4c97a22de5 100644 --- a/app/site/_data/CMSgov/certwatcher/certwatcher_data.json +++ b/app/site/_data/CMSgov/certwatcher/certwatcher_data.json @@ -1,311 +1,311 @@ { - "url": "https://github.com/CMSgov/certwatcher", - "owner": "CMSgov", - "name": "certwatcher", - "description": "utility to monitor the certificates in use by a host and alert if they're expiring soon", - "commits_count": 36, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 3, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 2, - "closed_pull_requests_count": 1, - "forks_count": 3, - "stargazers_count": 1, - "watchers_count": 32, - "total_project_lines": 549, - "average_project_lines": 110, - "total_project_comment_lines": 4, - "average_project_comment_lines": 1, - "total_project_blank_lines": 82, - "average_blank_lines": 16, - "commits_by_month": { - "2019/5": 2, - "2019/1": 1, - "2018/7": 1, - "2017/10": 13, - "2017/6": 5, - "2017/5": 8 + "url": "https://github.com/CMSgov/certwatcher", + "owner": "CMSgov", + "name": "certwatcher", + "description": "utility to monitor the certificates in use by a host and alert if they're expiring soon", + "commits_count": 36, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 3, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 2, + "closed_pull_requests_count": 1, + "forks_count": 3, + "stargazers_count": 1, + "watchers_count": 32, + "total_project_lines": 549, + "average_project_lines": 110, + "total_project_comment_lines": 4, + "average_project_comment_lines": 1, + "total_project_blank_lines": 82, + "average_blank_lines": 16, + "commits_by_month": { + "2019/5": 2, + "2019/1": 1, + "2018/7": 1, + "2017/10": 13, + "2017/6": 5, + "2017/5": 8 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2017-05-24T15:29:28Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:41Z", + "repo": { + "name": "github.com/CMSgov/certwatcher", + "commit": "61a98426104d7eae927e5b3da2d136048d91a8da" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2017-05-24T15:29:28Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:41Z", - "repo": { - "name": "github.com/CMSgov/certwatcher", - "commit": "61a98426104d7eae927e5b3da2d136048d91a8da" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/29 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 13 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Go", - "Bytes": 7224, - "CodeBytes": 0, - "Lines": 295, - "Code": 249, - "Comment": 4, - "Blank": 42, - "Complexity": 54, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11357, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 649, - "CodeBytes": 0, - "Lines": 21, - "Code": 17, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1220, - "CodeBytes": 0, - "Lines": 32, - "Code": 28, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 10975.435813288519, - "estimatedScheduleMonths_low": 2.564407839906451, - "estimatedPeople_low": 0.4169501998555125, - "estimatedCost_high": 34204.25156776307, - "estimatedScheduleMonths_high": 2.564407839906451, - "estimatedPeople_high": 0.4169501998555125, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nGo 2 295 42 4 249 54\n(ULOC) 189\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nMakefile 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nMarkdown 1 32 4 0 28 0\n(ULOC) 26\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 5 549 82 4 463 54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 398\nDRYness % 0.72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $12,035\nEstimated Schedule Effort (organic) 2.56 months\nEstimated People Required (organic) 0.42\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 20450 bytes, 0.020 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Go": 7224, - "Makefile": 649 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/29 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 13 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Go", + "Bytes": 7224, + "CodeBytes": 0, + "Lines": 295, + "Code": 249, + "Comment": 4, + "Blank": 42, + "Complexity": 54, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11357, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 649, + "CodeBytes": 0, + "Lines": 21, + "Code": 17, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1220, + "CodeBytes": 0, + "Lines": 32, + "Code": 28, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 10975.435813288519, + "estimatedScheduleMonths_low": 2.564407839906451, + "estimatedPeople_low": 0.4169501998555125, + "estimatedCost_high": 34204.25156776307, + "estimatedScheduleMonths_high": 2.564407839906451, + "estimatedPeople_high": 0.4169501998555125, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGo 2 295 42 4 249 54\n(ULOC) 189\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nMakefile 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nMarkdown 1 32 4 0 28 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 5 549 82 4 463 54\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 398\nDRYness % 0.72\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $12,035\nEstimated Schedule Effort (organic) 2.56 months\nEstimated People Required (organic) 0.42\n───────────────────────────────────────────────────────────────────────────────\nProcessed 20450 bytes, 0.020 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Go": 7224, + "Makefile": 649 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/claims-api-ecosystem-website/claims-api-ecosystem-website_data.json b/app/site/_data/CMSgov/claims-api-ecosystem-website/claims-api-ecosystem-website_data.json index df41cb3c2c..98ac797d33 100644 --- a/app/site/_data/CMSgov/claims-api-ecosystem-website/claims-api-ecosystem-website_data.json +++ b/app/site/_data/CMSgov/claims-api-ecosystem-website/claims-api-ecosystem-website_data.json @@ -1,353 +1,353 @@ { - "url": "https://github.com/CMSgov/claims-api-ecosystem-website", - "owner": "CMSgov", - "name": "claims-api-ecosystem-website", - "description": null, - "commits_count": 36, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 11, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 7, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 465, - "average_project_lines": 9, - "total_project_comment_lines": 74, - "average_project_comment_lines": 2, - "total_project_blank_lines": 66, - "average_blank_lines": 1, - "commits_by_month": { - "2021/8": 15, - "2021/7": 15 + "url": "https://github.com/CMSgov/claims-api-ecosystem-website", + "owner": "CMSgov", + "name": "claims-api-ecosystem-website", + "description": null, + "commits_count": 36, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 11, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 7, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 465, + "average_project_lines": 9, + "total_project_comment_lines": 74, + "average_project_comment_lines": 2, + "total_project_blank_lines": 66, + "average_blank_lines": 1, + "commits_by_month": { + "2021/8": 15, + "2021/7": 15 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-05-13T15:30:33Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:30Z", + "repo": { + "name": "github.com/CMSgov/claims-api-ecosystem-website", + "commit": "b0d16db575fb8f3eb0675b1c9551c8dbe10bc74d" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-05-13T15:30:33Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:30Z", - "repo": { - "name": "github.com/CMSgov/claims-api-ecosystem-website", - "commit": "b0d16db575fb8f3eb0675b1c9551c8dbe10bc74d" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 1.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 6 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 3, - "reason": "Found 2/6 approved changesets -- score normalized to 3", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "132 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "SVG", - "Bytes": 15548, - "CodeBytes": 0, - "Lines": 31, - "Code": 31, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 31, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 6198, - "CodeBytes": 0, - "Lines": 187, - "Code": 150, - "Comment": 24, - "Blank": 13, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 6784, - "CodeBytes": 0, - "Lines": 133, - "Code": 93, - "Comment": 0, - "Blank": 40, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 478, - "CodeBytes": 0, - "Lines": 23, - "Code": 16, - "Comment": 3, - "Blank": 4, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 937, - "CodeBytes": 0, - "Lines": 27, - "Code": 7, - "Comment": 14, - "Blank": 6, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 270, - "CodeBytes": 0, - "Lines": 14, - "Code": 14, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1732, - "CodeBytes": 0, - "Lines": 50, - "Code": 14, - "Comment": 33, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 7569.013201411119, - "estimatedScheduleMonths_low": 2.226700166281178, - "estimatedPeople_low": 0.33115173073208154, - "estimatedCost_high": 23588.350937949217, - "estimatedScheduleMonths_high": 2.226700166281178, - "estimatedPeople_high": 0.33115173073208154, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nSVG 31 31 0 0 31 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nHTML 8 187 13 24 150 0\n(ULOC) 121\n-------------------------------------------------------------------------------\nMarkdown 5 133 40 0 93 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nSass 2 23 4 3 16 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nGemfile 1 27 6 14 7 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nJSON 1 14 0 0 14 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nYAML 1 50 3 33 14 0\n(ULOC) 45\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 49 465 66 74 325 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 310\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $8,299\nEstimated Schedule Effort (organic) 2.23 months\nEstimated People Required (organic) 0.33\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 31947 bytes, 0.032 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "HTML": 6198, - "Ruby": 937, - "SCSS": 478 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 1.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 6 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 3, + "reason": "Found 2/6 approved changesets -- score normalized to 3", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "132 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "SVG", + "Bytes": 15548, + "CodeBytes": 0, + "Lines": 31, + "Code": 31, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 6198, + "CodeBytes": 0, + "Lines": 187, + "Code": 150, + "Comment": 24, + "Blank": 13, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 6784, + "CodeBytes": 0, + "Lines": 133, + "Code": 93, + "Comment": 0, + "Blank": 40, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 478, + "CodeBytes": 0, + "Lines": 23, + "Code": 16, + "Comment": 3, + "Blank": 4, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 937, + "CodeBytes": 0, + "Lines": 27, + "Code": 7, + "Comment": 14, + "Blank": 6, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 270, + "CodeBytes": 0, + "Lines": 14, + "Code": 14, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1732, + "CodeBytes": 0, + "Lines": 50, + "Code": 14, + "Comment": 33, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 7569.013201411119, + "estimatedScheduleMonths_low": 2.226700166281178, + "estimatedPeople_low": 0.33115173073208154, + "estimatedCost_high": 23588.350937949217, + "estimatedScheduleMonths_high": 2.226700166281178, + "estimatedPeople_high": 0.33115173073208154, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSVG 31 31 0 0 31 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nHTML 8 187 13 24 150 0\n(ULOC) 121\n-------------------------------------------------------------------------------\nMarkdown 5 133 40 0 93 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nSass 2 23 4 3 16 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nGemfile 1 27 6 14 7 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nJSON 1 14 0 0 14 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nYAML 1 50 3 33 14 0\n(ULOC) 45\n───────────────────────────────────────────────────────────────────────────────\nTotal 49 465 66 74 325 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 310\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,299\nEstimated Schedule Effort (organic) 2.23 months\nEstimated People Required (organic) 0.33\n───────────────────────────────────────────────────────────────────────────────\nProcessed 31947 bytes, 0.032 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HTML": 6198, + "Ruby": 937, + "SCSS": 478 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/cms-bb2-java-sdk/cms-bb2-java-sdk_data.json b/app/site/_data/CMSgov/cms-bb2-java-sdk/cms-bb2-java-sdk_data.json index a9bc1e01e2..591cb110a7 100644 --- a/app/site/_data/CMSgov/cms-bb2-java-sdk/cms-bb2-java-sdk_data.json +++ b/app/site/_data/CMSgov/cms-bb2-java-sdk/cms-bb2-java-sdk_data.json @@ -1,321 +1,321 @@ { - "url": "https://github.com/CMSgov/cms-bb2-java-sdk", - "owner": "CMSgov", - "name": "cms-bb2-java-sdk", - "description": null, - "commits_count": 8, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 4, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 2, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 12, - "total_project_lines": 292, - "average_project_lines": 49, - "total_project_comment_lines": 53, - "average_project_comment_lines": 9, - "total_project_blank_lines": 40, - "average_blank_lines": 7, - "commits_by_month": { - "2022/4": 1, - "2022/2": 7 + "url": "https://github.com/CMSgov/cms-bb2-java-sdk", + "owner": "CMSgov", + "name": "cms-bb2-java-sdk", + "description": null, + "commits_count": 8, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 4, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 2, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 12, + "total_project_lines": 292, + "average_project_lines": 49, + "total_project_comment_lines": 53, + "average_project_comment_lines": 9, + "total_project_blank_lines": 40, + "average_blank_lines": 7, + "commits_by_month": { + "2022/4": 1, + "2022/2": 7 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2022-01-20T22:08:30Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:17Z", + "repo": { + "name": "github.com/CMSgov/cms-bb2-java-sdk", + "commit": "1d0fd40d1bf06392073172f270d4dd99063407b9" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2022-01-20T22:08:30Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:17Z", - "repo": { - "name": "github.com/CMSgov/cms-bb2-java-sdk", - "commit": "1d0fd40d1bf06392073172f270d4dd99063407b9" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 1/4 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 735, - "CodeBytes": 0, - "Lines": 42, - "Code": 19, - "Comment": 18, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6556, - "CodeBytes": 0, - "Lines": 117, - "Code": 96, - "Comment": 0, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 138, - "CodeBytes": 0, - "Lines": 14, - "Code": 8, - "Comment": 0, - "Blank": 6, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 3018, - "CodeBytes": 0, - "Lines": 99, - "Code": 61, - "Comment": 35, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 367, - "CodeBytes": 0, - "Lines": 20, - "Code": 15, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4522.280160715302, - "estimatedScheduleMonths_low": 1.830891708940847, - "estimatedPeople_low": 0.24062697638242617, - "estimatedCost_high": 14093.400108060387, - "estimatedScheduleMonths_high": 1.830891708940847, - "estimatedPeople_high": 0.24062697638242617, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 2 42 5 18 19 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nMarkdown 1 14 6 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nXML 1 99 3 35 61 0\n(ULOC) 73\n-------------------------------------------------------------------------------\nYAML 1 20 5 0 15 0\n(ULOC) 16\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 292 40 53 199 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 219\nDRYness % 0.75\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $4,958\nEstimated Schedule Effort (organic) 1.83 months\nEstimated People Required (organic) 0.24\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 10814 bytes, 0.011 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Java": 735 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 1/4 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 735, + "CodeBytes": 0, + "Lines": 42, + "Code": 19, + "Comment": 18, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6556, + "CodeBytes": 0, + "Lines": 117, + "Code": 96, + "Comment": 0, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 138, + "CodeBytes": 0, + "Lines": 14, + "Code": 8, + "Comment": 0, + "Blank": 6, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 3018, + "CodeBytes": 0, + "Lines": 99, + "Code": 61, + "Comment": 35, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 367, + "CodeBytes": 0, + "Lines": 20, + "Code": 15, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4522.280160715302, + "estimatedScheduleMonths_low": 1.830891708940847, + "estimatedPeople_low": 0.24062697638242617, + "estimatedCost_high": 14093.400108060387, + "estimatedScheduleMonths_high": 1.830891708940847, + "estimatedPeople_high": 0.24062697638242617, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 2 42 5 18 19 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nMarkdown 1 14 6 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nXML 1 99 3 35 61 0\n(ULOC) 73\n-------------------------------------------------------------------------------\nYAML 1 20 5 0 15 0\n(ULOC) 16\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 292 40 53 199 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 219\nDRYness % 0.75\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,958\nEstimated Schedule Effort (organic) 1.83 months\nEstimated People Required (organic) 0.24\n───────────────────────────────────────────────────────────────────────────────\nProcessed 10814 bytes, 0.011 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 735 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/cms-bb2-node-sdk/cms-bb2-node-sdk_data.json b/app/site/_data/CMSgov/cms-bb2-node-sdk/cms-bb2-node-sdk_data.json index fc8bb93381..f17bc9cb9b 100644 --- a/app/site/_data/CMSgov/cms-bb2-node-sdk/cms-bb2-node-sdk_data.json +++ b/app/site/_data/CMSgov/cms-bb2-node-sdk/cms-bb2-node-sdk_data.json @@ -1,592 +1,592 @@ { - "url": "https://github.com/CMSgov/cms-bb2-node-sdk", - "owner": "CMSgov", - "name": "cms-bb2-node-sdk", - "description": null, - "commits_count": 169, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 62, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 46, - "closed_pull_requests_count": 15, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 13, - "total_project_lines": 89193, - "average_project_lines": 1538, - "total_project_comment_lines": 157, - "average_project_comment_lines": 3, - "total_project_blank_lines": 526, - "average_blank_lines": 9, - "commits_by_month": { - "2024/10": 1, - "2024/8": 3, - "2024/7": 2, - "2024/6": 3, - "2023/11": 3, - "2023/5": 5, - "2023/4": 2, - "2022/12": 5, - "2022/11": 4, - "2022/10": 2 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-21T05:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-01-20T22:05:55Z", - "ossf_scorecard": { - "date": "2025-02-23T16:46:04Z", - "repo": { - "name": "github.com/CMSgov/cms-bb2-node-sdk", - "commit": "54c6b2faef54b508cdf4fea799e8d332b9836ae1" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 14 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 13/14 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 2806957, - "CodeBytes": 0, - "Lines": 72956, - "Code": 72956, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 24, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 407438, - "CodeBytes": 0, - "Lines": 8986, - "Code": 8970, - "Comment": 0, - "Blank": 16, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 47529, - "CodeBytes": 0, - "Lines": 1623, - "Code": 1256, - "Comment": 147, - "Blank": 220, - "Complexity": 71, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 110171, - "CodeBytes": 0, - "Lines": 2360, - "Code": 2346, - "Comment": 7, - "Blank": 7, - "Complexity": 368, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 67987, - "CodeBytes": 0, - "Lines": 2585, - "Code": 2471, - "Comment": 2, - "Blank": 112, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 18606, - "CodeBytes": 0, - "Lines": 562, - "Code": 413, - "Comment": 0, - "Blank": 149, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6556, - "CodeBytes": 0, - "Lines": 117, - "Code": 96, - "Comment": 0, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 58, - "CodeBytes": 0, - "Lines": 4, - "Code": 2, - "Comment": 1, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 2728372.6756250844, - "estimatedScheduleMonths_low": 20.857882878945055, - "estimatedPeople_low": 12.74333132973159, - "estimatedCost_high": 8502800.886931669, - "estimatedScheduleMonths_high": 20.857882878945055, - "estimatedPeople_high": 12.74333132973159, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 24 72956 0 0 72956 0\n(ULOC) 1140\n-------------------------------------------------------------------------------\nHTML 13 8986 16 0 8970 0\n(ULOC) 1594\n-------------------------------------------------------------------------------\nTypeScript 9 1623 220 147 1256 71\n(ULOC) 848\n-------------------------------------------------------------------------------\nJavaScript 4 2360 7 7 2346 368\n(ULOC) 1791\n-------------------------------------------------------------------------------\nCSS 3 2585 112 2 2471 0\n(ULOC) 1331\n-------------------------------------------------------------------------------\nMarkdown 3 562 149 0 413 0\n(ULOC) 343\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 0\n(ULOC) 4\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 58 89193 526 157 88510 439\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 7092\nDRYness % 0.08\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $2,991,832\nEstimated Schedule Effort (organic) 20.86 months\nEstimated People Required (organic) 12.74\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 3465302 bytes, 3.465 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/cms-bb2-node-sdk", + "owner": "CMSgov", + "name": "cms-bb2-node-sdk", + "description": null, + "commits_count": 169, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 62, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 46, + "closed_pull_requests_count": 15, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 13, + "total_project_lines": 89193, + "average_project_lines": 1538, + "total_project_comment_lines": 157, + "average_project_comment_lines": 3, + "total_project_blank_lines": 526, + "average_blank_lines": 9, + "commits_by_month": { + "2024/10": 1, + "2024/8": 3, + "2024/7": 2, + "2024/6": 3, + "2023/11": 3, + "2023/5": 5, + "2023/4": 2, + "2022/12": 5, + "2022/11": 4, + "2022/10": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-21T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-01-20T22:05:55Z", + "ossf_scorecard": { + "date": "2025-02-23T16:46:04Z", + "repo": { + "name": "github.com/CMSgov/cms-bb2-node-sdk", + "commit": "54c6b2faef54b508cdf4fea799e8d332b9836ae1" }, - "predominant_langs": { - "TypeScript": 47529, - "JavaScript": 1693, - "Shell": 58 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "cms-bb2-node-sdk", - "815 days 20:14:48" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@microsoft/api-extractor", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "@rollup/plugin-commonjs", - 2.1424657534, - "2024-06-30T20:42:08.000" - ], - [ - "@rollup/plugin-commonjs", - 2.6712328767, - "2025-03-01T04:33:34.000" - ], - [ - "@rollup/plugin-json", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "@rollup/plugin-node-resolve", - 1.4356164384, - "2024-06-30T20:42:08.000" - ], - [ - "@rollup/plugin-node-resolve", - 2.6246575342, - "2025-03-01T04:33:34.000" - ], - [ - "@rollup/plugin-typescript", - 1.3424657534, - "2024-06-30T20:42:08.000" - ], - [ - "@rollup/plugin-typescript", - 2.2767123288, - "2025-03-01T04:33:34.000" - ], - [ - "@types/jest", - 1.6684931507, - "2024-06-30T20:42:08.000" - ], - [ - "@types/jest", - 2.3945205479, - "2025-03-01T04:33:34.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 0.9589041096, - "2024-06-30T20:42:08.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 1.6273972603, - "2025-03-01T04:33:34.000" - ], - [ - "@typescript-eslint/parser", - 0.9589041096, - "2024-06-30T20:42:08.000" - ], - [ - "@typescript-eslint/parser", - 1.6273972603, - "2025-03-01T04:33:34.000" - ], - [ - "axios", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "axios", - 0.1452054795, - "2024-06-30T20:42:08.000" - ], - [ - "babel-jest", - 1.5890410959, - "2025-03-01T04:33:34.000" - ], - [ - "cms-bluebutton-sdk", - 0.0, - "2024-06-30T20:42:08.000" - ], - [ - "eslint", - 2.3753424658, - "2024-06-30T20:42:08.000" - ], - [ - "eslint", - 3.0273972603, - "2025-03-01T04:33:34.000" - ], - [ - "eslint-config-prettier", - 0.3479452055, - "2024-06-30T20:42:08.000" - ], - [ - "eslint-config-prettier", - 1.5890410959, - "2025-03-01T04:33:34.000" - ], - [ - "http-status-codes", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "husky", - 2.3150684932, - "2024-06-30T20:42:08.000" - ], - [ - "husky", - 3.0794520548, - "2025-03-01T04:33:34.000" - ], - [ - "jest", - 1.5890410959, - "2025-03-01T04:33:34.000" - ], - [ - "lint-staged", - 2.0356164384, - "2024-06-30T20:42:08.000" - ], - [ - "lint-staged", - 2.6575342466, - "2025-03-01T04:33:34.000" - ], - [ - "moment", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "prettier", - 2.5178082192, - "2024-06-30T20:42:08.000" - ], - [ - "prettier", - 3.2191780822, - "2025-03-01T04:33:34.000" - ], - [ - "rollup", - 0.4246575342, - "2025-03-01T04:33:34.000" - ], - [ - "rollup", - 1.4547945205, - "2024-06-30T20:42:08.000" - ], - [ - "ts-jest", - 2.0821917808, - "2024-06-30T20:42:08.000" - ], - [ - "ts-jest", - 2.7698630137, - "2025-03-01T04:33:34.000" - ], - [ - "ts-node", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "tslib", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "tslint", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "typedoc", - 0.0, - "2025-03-01T04:33:34.000" - ], - [ - "typescript", - 1.3863013699, - "2024-06-30T20:42:08.000" - ], - [ - "typescript", - 2.0794520548, - "2025-03-01T04:33:34.000" - ] + "score": 5.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 14 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 13/14 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 2806957, + "CodeBytes": 0, + "Lines": 72956, + "Code": 72956, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 24, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 407438, + "CodeBytes": 0, + "Lines": 8986, + "Code": 8970, + "Comment": 0, + "Blank": 16, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 47529, + "CodeBytes": 0, + "Lines": 1623, + "Code": 1256, + "Comment": 147, + "Blank": 220, + "Complexity": 71, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 110171, + "CodeBytes": 0, + "Lines": 2360, + "Code": 2346, + "Comment": 7, + "Blank": 7, + "Complexity": 368, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 67987, + "CodeBytes": 0, + "Lines": 2585, + "Code": 2471, + "Comment": 2, + "Blank": 112, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 18606, + "CodeBytes": 0, + "Lines": 562, + "Code": 413, + "Comment": 0, + "Blank": 149, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6556, + "CodeBytes": 0, + "Lines": 117, + "Code": 96, + "Comment": 0, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 58, + "CodeBytes": 0, + "Lines": 4, + "Code": 2, + "Comment": 1, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 2728372.6756250844, + "estimatedScheduleMonths_low": 20.857882878945055, + "estimatedPeople_low": 12.74333132973159, + "estimatedCost_high": 8502800.886931669, + "estimatedScheduleMonths_high": 20.857882878945055, + "estimatedPeople_high": 12.74333132973159, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 24 72956 0 0 72956 0\n(ULOC) 1140\n-------------------------------------------------------------------------------\nHTML 13 8986 16 0 8970 0\n(ULOC) 1594\n-------------------------------------------------------------------------------\nTypeScript 9 1623 220 147 1256 71\n(ULOC) 848\n-------------------------------------------------------------------------------\nJavaScript 4 2360 7 7 2346 368\n(ULOC) 1791\n-------------------------------------------------------------------------------\nCSS 3 2585 112 2 2471 0\n(ULOC) 1331\n-------------------------------------------------------------------------------\nMarkdown 3 562 149 0 413 0\n(ULOC) 343\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 0\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 58 89193 526 157 88510 439\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 7092\nDRYness % 0.08\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,991,832\nEstimated Schedule Effort (organic) 20.86 months\nEstimated People Required (organic) 12.74\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3465302 bytes, 3.465 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 47529, + "JavaScript": 1693, + "Shell": 58 + }, + "average_issue_resolution_time": [ + [ + "cms-bb2-node-sdk", + "815 days 20:14:48" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@microsoft/api-extractor", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "@rollup/plugin-commonjs", + 2.1424657534, + "2024-06-30T20:42:08.000" + ], + [ + "@rollup/plugin-commonjs", + 2.6712328767, + "2025-03-01T04:33:34.000" + ], + [ + "@rollup/plugin-json", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "@rollup/plugin-node-resolve", + 1.4356164384, + "2024-06-30T20:42:08.000" + ], + [ + "@rollup/plugin-node-resolve", + 2.6246575342, + "2025-03-01T04:33:34.000" + ], + [ + "@rollup/plugin-typescript", + 1.3424657534, + "2024-06-30T20:42:08.000" + ], + [ + "@rollup/plugin-typescript", + 2.2767123288, + "2025-03-01T04:33:34.000" + ], + [ + "@types/jest", + 1.6684931507, + "2024-06-30T20:42:08.000" + ], + [ + "@types/jest", + 2.3945205479, + "2025-03-01T04:33:34.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 0.9589041096, + "2024-06-30T20:42:08.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 1.6273972603, + "2025-03-01T04:33:34.000" + ], + [ + "@typescript-eslint/parser", + 0.9589041096, + "2024-06-30T20:42:08.000" + ], + [ + "@typescript-eslint/parser", + 1.6273972603, + "2025-03-01T04:33:34.000" + ], + [ + "axios", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "axios", + 0.1452054795, + "2024-06-30T20:42:08.000" + ], + [ + "babel-jest", + 1.5890410959, + "2025-03-01T04:33:34.000" + ], + [ + "cms-bluebutton-sdk", + 0.0, + "2024-06-30T20:42:08.000" + ], + [ + "eslint", + 2.3753424658, + "2024-06-30T20:42:08.000" + ], + [ + "eslint", + 3.0273972603, + "2025-03-01T04:33:34.000" + ], + [ + "eslint-config-prettier", + 0.3479452055, + "2024-06-30T20:42:08.000" + ], + [ + "eslint-config-prettier", + 1.5890410959, + "2025-03-01T04:33:34.000" + ], + [ + "http-status-codes", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "husky", + 2.3150684932, + "2024-06-30T20:42:08.000" + ], + [ + "husky", + 3.0794520548, + "2025-03-01T04:33:34.000" + ], + [ + "jest", + 1.5890410959, + "2025-03-01T04:33:34.000" + ], + [ + "lint-staged", + 2.0356164384, + "2024-06-30T20:42:08.000" + ], + [ + "lint-staged", + 2.6575342466, + "2025-03-01T04:33:34.000" + ], + [ + "moment", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "prettier", + 2.5178082192, + "2024-06-30T20:42:08.000" + ], + [ + "prettier", + 3.2191780822, + "2025-03-01T04:33:34.000" + ], + [ + "rollup", + 0.4246575342, + "2025-03-01T04:33:34.000" + ], + [ + "rollup", + 1.4547945205, + "2024-06-30T20:42:08.000" + ], + [ + "ts-jest", + 2.0821917808, + "2024-06-30T20:42:08.000" + ], + [ + "ts-jest", + 2.7698630137, + "2025-03-01T04:33:34.000" + ], + [ + "ts-node", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "tslib", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "tslint", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "typedoc", + 0.0, + "2025-03-01T04:33:34.000" + ], + [ + "typescript", + 1.3863013699, + "2024-06-30T20:42:08.000" + ], + [ + "typescript", + 2.0794520548, + "2025-03-01T04:33:34.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/cms-bb2-python-sdk/cms-bb2-python-sdk_data.json b/app/site/_data/CMSgov/cms-bb2-python-sdk/cms-bb2-python-sdk_data.json index bbe083b418..cf6854c827 100644 --- a/app/site/_data/CMSgov/cms-bb2-python-sdk/cms-bb2-python-sdk_data.json +++ b/app/site/_data/CMSgov/cms-bb2-python-sdk/cms-bb2-python-sdk_data.json @@ -1,387 +1,387 @@ { - "url": "https://github.com/CMSgov/cms-bb2-python-sdk", - "owner": "CMSgov", - "name": "cms-bb2-python-sdk", - "description": null, - "commits_count": 78, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 42, - "open_pull_requests_count": 6, - "merged_pull_requests_count": 32, - "closed_pull_requests_count": 4, - "forks_count": 0, - "stargazers_count": 6, - "watchers_count": 13, - "total_project_lines": 74834, - "average_project_lines": 1919, - "total_project_comment_lines": 37, - "average_project_comment_lines": 1, - "total_project_blank_lines": 436, - "average_blank_lines": 11, - "commits_by_month": { - "2024/10": 1, - "2024/9": 2, - "2024/8": 1, - "2024/7": 2, - "2024/6": 4, - "2023/10": 2, - "2023/5": 4, - "2023/4": 3, - "2022/12": 4, - "2022/11": 3, - "2022/10": 2, - "2022/9": 1, - "2022/8": 1 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-25T05:00:00.000Z", - 1 - ], - [ - "2024-10-21T05:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/cms-bb2-python-sdk", + "owner": "CMSgov", + "name": "cms-bb2-python-sdk", + "description": null, + "commits_count": 78, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 42, + "open_pull_requests_count": 6, + "merged_pull_requests_count": 32, + "closed_pull_requests_count": 4, + "forks_count": 0, + "stargazers_count": 6, + "watchers_count": 13, + "total_project_lines": 74834, + "average_project_lines": 1919, + "total_project_comment_lines": 37, + "average_project_comment_lines": 1, + "total_project_blank_lines": 436, + "average_blank_lines": 11, + "commits_by_month": { + "2024/10": 1, + "2024/9": 2, + "2024/8": 1, + "2024/7": 2, + "2024/6": 4, + "2023/10": 2, + "2023/5": 4, + "2023/4": 3, + "2022/12": 4, + "2022/11": 3, + "2022/10": 2, + "2022/9": 1, + "2022/8": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-25T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-01-20T22:07:51Z", - "ossf_scorecard": { - "date": "2025-02-23T16:39:46Z", - "repo": { - "name": "github.com/CMSgov/cms-bb2-python-sdk", - "commit": "600f2438c902275abf5c0a1fbefabf57a0334e5e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 15 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 2804685, - "CodeBytes": 0, - "Lines": 72813, - "Code": 72813, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 20, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 38831, - "CodeBytes": 0, - "Lines": 1046, - "Code": 814, - "Comment": 33, - "Blank": 199, - "Complexity": 57, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 20796, - "CodeBytes": 0, - "Lines": 670, - "Code": 457, - "Comment": 0, - "Blank": 213, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Autoconf", - "Bytes": 156, - "CodeBytes": 0, - "Lines": 9, - "Code": 9, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6556, - "CodeBytes": 0, - "Lines": 117, - "Code": 96, - "Comment": 0, - "Blank": 21, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 10562, - "CodeBytes": 0, - "Lines": 167, - "Code": 167, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 354, - "CodeBytes": 0, - "Lines": 12, - "Code": 5, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 2272344.7237820756, - "estimatedScheduleMonths_low": 19.457499317968985, - "estimatedPeople_low": 11.37723425931415, - "estimatedCost_high": 7081618.616621763, - "estimatedScheduleMonths_high": 19.457499317968985, - "estimatedPeople_high": 11.37723425931415, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 20 72813 0 0 72813 0\n(ULOC) 1039\n-------------------------------------------------------------------------------\nPython 12 1046 199 33 814 57\n(ULOC) 634\n-------------------------------------------------------------------------------\nMarkdown 3 670 213 0 457 0\n(ULOC) 350\n-------------------------------------------------------------------------------\nAutoconf 1 9 0 0 9 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 167 0 0 167 0\n(ULOC) 147\n-------------------------------------------------------------------------------\nYAML 1 12 3 4 5 0\n(ULOC) 10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 39 74834 436 37 74361 57\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2265\nDRYness % 0.03\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $2,491,769\nEstimated Schedule Effort (organic) 19.46 months\nEstimated People Required (organic) 11.38\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2881940 bytes, 2.882 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-10-21T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-01-20T22:07:51Z", + "ossf_scorecard": { + "date": "2025-02-23T16:39:46Z", + "repo": { + "name": "github.com/CMSgov/cms-bb2-python-sdk", + "commit": "600f2438c902275abf5c0a1fbefabf57a0334e5e" }, - "predominant_langs": { - "Python": 38140 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "pyyaml", - 0.0, - "2025-03-01T08:42:14.000" - ], - [ - "requests", - 0.0, - "2025-03-01T08:42:14.000" - ], - [ - "requests-toolbelt", - 0.0, - "2025-03-01T08:42:14.000" - ] + "score": 4.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 15 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 2804685, + "CodeBytes": 0, + "Lines": 72813, + "Code": 72813, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 20, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 38831, + "CodeBytes": 0, + "Lines": 1046, + "Code": 814, + "Comment": 33, + "Blank": 199, + "Complexity": 57, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 20796, + "CodeBytes": 0, + "Lines": 670, + "Code": 457, + "Comment": 0, + "Blank": 213, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Autoconf", + "Bytes": 156, + "CodeBytes": 0, + "Lines": 9, + "Code": 9, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6556, + "CodeBytes": 0, + "Lines": 117, + "Code": 96, + "Comment": 0, + "Blank": 21, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 10562, + "CodeBytes": 0, + "Lines": 167, + "Code": 167, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 354, + "CodeBytes": 0, + "Lines": 12, + "Code": 5, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 2272344.7237820756, + "estimatedScheduleMonths_low": 19.457499317968985, + "estimatedPeople_low": 11.37723425931415, + "estimatedCost_high": 7081618.616621763, + "estimatedScheduleMonths_high": 19.457499317968985, + "estimatedPeople_high": 11.37723425931415, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 20 72813 0 0 72813 0\n(ULOC) 1039\n-------------------------------------------------------------------------------\nPython 12 1046 199 33 814 57\n(ULOC) 634\n-------------------------------------------------------------------------------\nMarkdown 3 670 213 0 457 0\n(ULOC) 350\n-------------------------------------------------------------------------------\nAutoconf 1 9 0 0 9 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nLicense 1 117 21 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 167 0 0 167 0\n(ULOC) 147\n-------------------------------------------------------------------------------\nYAML 1 12 3 4 5 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 39 74834 436 37 74361 57\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2265\nDRYness % 0.03\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,491,769\nEstimated Schedule Effort (organic) 19.46 months\nEstimated People Required (organic) 11.38\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2881940 bytes, 2.882 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 38140 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "pyyaml", + 0.0, + "2025-03-01T08:42:14.000" + ], + [ + "requests", + 0.0, + "2025-03-01T08:42:14.000" + ], + [ + "requests-toolbelt", + 0.0, + "2025-03-01T08:42:14.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/cms-oeda-dasg/cms-oeda-dasg_data.json b/app/site/_data/CMSgov/cms-oeda-dasg/cms-oeda-dasg_data.json index 2d39199d74..7877ac9e5a 100644 --- a/app/site/_data/CMSgov/cms-oeda-dasg/cms-oeda-dasg_data.json +++ b/app/site/_data/CMSgov/cms-oeda-dasg/cms-oeda-dasg_data.json @@ -1,279 +1,279 @@ { - "url": "https://github.com/CMSgov/cms-oeda-dasg", - "owner": "CMSgov", - "name": "cms-oeda-dasg", - "description": "The policies, procedures, RFCs, and more for the Data and Analytics Strategy Group (DASG) at the Centers for Medicare and Medicaid Services' Office of Enterprise Data and Analytics (OEDA).", - "commits_count": 37, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 5, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 3, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 15, - "total_project_lines": 832, - "average_project_lines": 55, - "total_project_comment_lines": 28, - "average_project_comment_lines": 2, - "total_project_blank_lines": 207, - "average_blank_lines": 14, - "commits_by_month": { - "2022/2": 1, - "2020/7": 6, - "2020/6": 10, - "2020/5": 6, - "2020/4": 7 + "url": "https://github.com/CMSgov/cms-oeda-dasg", + "owner": "CMSgov", + "name": "cms-oeda-dasg", + "description": "The policies, procedures, RFCs, and more for the Data and Analytics Strategy Group (DASG) at the Centers for Medicare and Medicaid Services' Office of Enterprise Data and Analytics (OEDA).", + "commits_count": 37, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 5, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 3, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 15, + "total_project_lines": 832, + "average_project_lines": 55, + "total_project_comment_lines": 28, + "average_project_comment_lines": 2, + "total_project_blank_lines": 207, + "average_blank_lines": 14, + "commits_by_month": { + "2022/2": 1, + "2020/7": 6, + "2020/6": 10, + "2020/5": 6, + "2020/4": 7 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-04-20T21:11:24Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:30Z", + "repo": { + "name": "github.com/CMSgov/cms-oeda-dasg", + "commit": "ff06d5380cdfaf3878e2a7837d7fd3af9facb500" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-04-20T21:11:24Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:30Z", - "repo": { - "name": "github.com/CMSgov/cms-oeda-dasg", - "commit": "ff06d5380cdfaf3878e2a7837d7fd3af9facb500" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 7, - "reason": "Found 3/4 approved changesets -- score normalized to 7", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 31518, - "CodeBytes": 0, - "Lines": 685, - "Code": 494, - "Comment": 0, - "Blank": 191, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 4227, - "CodeBytes": 0, - "Lines": 147, - "Code": 103, - "Comment": 28, - "Blank": 16, - "Complexity": 10, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 14332.923449693602, - "estimatedScheduleMonths_low": 2.8381414643751093, - "estimatedPeople_low": 0.4919831748600367, - "estimatedCost_high": 44667.64944142297, - "estimatedScheduleMonths_high": 2.8381414643751093, - "estimatedPeople_high": 0.4919831748600367, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 11 685 191 0 494 0\n(ULOC) 448\n-------------------------------------------------------------------------------\nTerraform 4 147 16 28 103 10\n(ULOC) 86\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 15 832 207 28 597 10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 533\nDRYness % 0.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $15,716\nEstimated Schedule Effort (organic) 2.84 months\nEstimated People Required (organic) 0.49\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 35745 bytes, 0.036 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "HCL": 4227 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 7, + "reason": "Found 3/4 approved changesets -- score normalized to 7", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 31518, + "CodeBytes": 0, + "Lines": 685, + "Code": 494, + "Comment": 0, + "Blank": 191, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 4227, + "CodeBytes": 0, + "Lines": 147, + "Code": 103, + "Comment": 28, + "Blank": 16, + "Complexity": 10, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 14332.923449693602, + "estimatedScheduleMonths_low": 2.8381414643751093, + "estimatedPeople_low": 0.4919831748600367, + "estimatedCost_high": 44667.64944142297, + "estimatedScheduleMonths_high": 2.8381414643751093, + "estimatedPeople_high": 0.4919831748600367, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 11 685 191 0 494 0\n(ULOC) 448\n-------------------------------------------------------------------------------\nTerraform 4 147 16 28 103 10\n(ULOC) 86\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 832 207 28 597 10\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 533\nDRYness % 0.64\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $15,716\nEstimated Schedule Effort (organic) 2.84 months\nEstimated People Required (organic) 0.49\n───────────────────────────────────────────────────────────────────────────────\nProcessed 35745 bytes, 0.036 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HCL": 4227 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/cmscloud-infra-azops/cmscloud-infra-azops_data.json b/app/site/_data/CMSgov/cmscloud-infra-azops/cmscloud-infra-azops_data.json index db1fcaa873..1f90aaa1c0 100644 --- a/app/site/_data/CMSgov/cmscloud-infra-azops/cmscloud-infra-azops_data.json +++ b/app/site/_data/CMSgov/cmscloud-infra-azops/cmscloud-infra-azops_data.json @@ -1,339 +1,339 @@ { - "url": "https://github.com/CMSgov/cmscloud-infra-azops", - "owner": "CMSgov", - "name": "cmscloud-infra-azops", - "description": "This container image can be used to deploy ARM templates at Tenant, Management Group, Subscription and Resource Group scope and export current Azure configuration hierarchy in Git repository.", - "commits_count": 109, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 3, - "total_project_lines": 32412, - "average_project_lines": 426, - "total_project_comment_lines": 1284, - "average_project_comment_lines": 17, - "total_project_blank_lines": 655, - "average_blank_lines": 9, - "commits_by_month": { - "2020/11": 9, - "2020/10": 2, - "2020/9": 3, - "2020/8": 16 + "url": "https://github.com/CMSgov/cmscloud-infra-azops", + "owner": "CMSgov", + "name": "cmscloud-infra-azops", + "description": "This container image can be used to deploy ARM templates at Tenant, Management Group, Subscription and Resource Group scope and export current Azure configuration hierarchy in Git repository.", + "commits_count": 109, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 3, + "total_project_lines": 32412, + "average_project_lines": 426, + "total_project_comment_lines": 1284, + "average_project_comment_lines": 17, + "total_project_blank_lines": 655, + "average_blank_lines": 9, + "commits_by_month": { + "2020/11": 9, + "2020/10": 2, + "2020/9": 3, + "2020/8": 16 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-12-24T21:49:20Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:12Z", + "repo": { + "name": "github.com/CMSgov/cmscloud-infra-azops", + "commit": "f5cc2aaae7a67432602fb3b37d9e2ff7d205085e" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-12-24T21:49:20Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:12Z", - "repo": { - "name": "github.com/CMSgov/cmscloud-infra-azops", - "commit": "f5cc2aaae7a67432602fb3b37d9e2ff7d205085e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 4 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "internal error: Client.Actions.ListWorkflowRunsByFileName: internal error: ListWorkflowRunsByFileName: GET https://api.github.com/repos/CMSgov/cmscloud-infra-azops/actions/workflows/release.yml/runs?status=success: 404 Not Found []", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Powershell", - "Bytes": 263232, - "CodeBytes": 0, - "Lines": 4986, - "Code": 3265, - "Comment": 1262, - "Blank": 459, - "Complexity": 567, - "Count": 35, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1340359, - "CodeBytes": 0, - "Lines": 26733, - "Code": 26694, - "Comment": 0, - "Blank": 39, - "Complexity": 0, - "Count": 22, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 16211, - "CodeBytes": 0, - "Lines": 280, - "Code": 180, - "Comment": 0, - "Blank": 100, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 11147, - "CodeBytes": 0, - "Lines": 369, - "Code": 300, - "Comment": 22, - "Blank": 47, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 1267, - "CodeBytes": 0, - "Lines": 23, - "Code": 17, - "Comment": 0, - "Blank": 6, - "Complexity": 1, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1162, - "CodeBytes": 0, - "Lines": 21, - "Code": 17, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 890579.5244486884, - "estimatedScheduleMonths_low": 13.630206953693161, - "estimatedPeople_low": 6.3653130001684834, - "estimatedCost_high": 2775434.763005978, - "estimatedScheduleMonths_high": 13.630206953693161, - "estimatedPeople_high": 6.3653130001684834, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPowershell 35 4986 459 1262 3265 567\n(ULOC) 2689\n-------------------------------------------------------------------------------\nJSON 22 26733 39 0 26694 0\n(ULOC) 3410\n-------------------------------------------------------------------------------\nMarkdown 10 280 100 0 180 0\n(ULOC) 158\n-------------------------------------------------------------------------------\nYAML 7 369 47 22 300 0\n(ULOC) 181\n-------------------------------------------------------------------------------\nDockerfile 1 23 6 0 17 1\n(ULOC) 18\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 76 32412 655 1284 30473 568\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 6447\nDRYness % 0.20\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $976,576\nEstimated Schedule Effort (organic) 13.63 months\nEstimated People Required (organic) 6.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1633378 bytes, 1.633 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "PowerShell": 281892, - "Dockerfile": 1267 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 4 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "internal error: Client.Actions.ListWorkflowRunsByFileName: internal error: ListWorkflowRunsByFileName: GET https://api.github.com/repos/CMSgov/cmscloud-infra-azops/actions/workflows/release.yml/runs?status=success: 404 Not Found []", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Powershell", + "Bytes": 263232, + "CodeBytes": 0, + "Lines": 4986, + "Code": 3265, + "Comment": 1262, + "Blank": 459, + "Complexity": 567, + "Count": 35, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1340359, + "CodeBytes": 0, + "Lines": 26733, + "Code": 26694, + "Comment": 0, + "Blank": 39, + "Complexity": 0, + "Count": 22, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 16211, + "CodeBytes": 0, + "Lines": 280, + "Code": 180, + "Comment": 0, + "Blank": 100, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 11147, + "CodeBytes": 0, + "Lines": 369, + "Code": 300, + "Comment": 22, + "Blank": 47, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 1267, + "CodeBytes": 0, + "Lines": 23, + "Code": 17, + "Comment": 0, + "Blank": 6, + "Complexity": 1, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1162, + "CodeBytes": 0, + "Lines": 21, + "Code": 17, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 890579.5244486884, + "estimatedScheduleMonths_low": 13.630206953693161, + "estimatedPeople_low": 6.3653130001684834, + "estimatedCost_high": 2775434.763005978, + "estimatedScheduleMonths_high": 13.630206953693161, + "estimatedPeople_high": 6.3653130001684834, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPowershell 35 4986 459 1262 3265 567\n(ULOC) 2689\n-------------------------------------------------------------------------------\nJSON 22 26733 39 0 26694 0\n(ULOC) 3410\n-------------------------------------------------------------------------------\nMarkdown 10 280 100 0 180 0\n(ULOC) 158\n-------------------------------------------------------------------------------\nYAML 7 369 47 22 300 0\n(ULOC) 181\n-------------------------------------------------------------------------------\nDockerfile 1 23 6 0 17 1\n(ULOC) 18\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n───────────────────────────────────────────────────────────────────────────────\nTotal 76 32412 655 1284 30473 568\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 6447\nDRYness % 0.20\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $976,576\nEstimated Schedule Effort (organic) 13.63 months\nEstimated People Required (organic) 6.37\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1633378 bytes, 1.633 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "PowerShell": 281892, + "Dockerfile": 1267 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/cmscloud-infra-mag-jmeter-aci/cmscloud-infra-mag-jmeter-aci_data.json b/app/site/_data/CMSgov/cmscloud-infra-mag-jmeter-aci/cmscloud-infra-mag-jmeter-aci_data.json index 65e38a3a44..052d614a37 100644 --- a/app/site/_data/CMSgov/cmscloud-infra-mag-jmeter-aci/cmscloud-infra-mag-jmeter-aci_data.json +++ b/app/site/_data/CMSgov/cmscloud-infra-mag-jmeter-aci/cmscloud-infra-mag-jmeter-aci_data.json @@ -1,349 +1,349 @@ { - "url": "https://github.com/CMSgov/cmscloud-infra-mag-jmeter-aci", - "owner": "CMSgov", - "name": "cmscloud-infra-mag-jmeter-aci", - "description": "Scalable cloud load/stress testing pipeline solution with Apache JMeter and Terraform to dynamically provision and destroy the required infrastructure on Azure.", - "commits_count": 39, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 2, - "total_project_lines": 1345, - "average_project_lines": 64, - "total_project_comment_lines": 92, - "average_project_comment_lines": 4, - "total_project_blank_lines": 317, - "average_blank_lines": 15, - "commits_by_month": { - "2022/3": 3, - "2022/1": 1, - "2021/9": 2, - "2021/8": 2, - "2021/4": 1, - "2021/1": 2, - "2020/12": 2, - "2020/11": 1, - "2020/9": 6, - "2020/8": 2, - "2020/4": 1, - "2020/3": 5, - "2020/2": 2 + "url": "https://github.com/CMSgov/cmscloud-infra-mag-jmeter-aci", + "owner": "CMSgov", + "name": "cmscloud-infra-mag-jmeter-aci", + "description": "Scalable cloud load/stress testing pipeline solution with Apache JMeter and Terraform to dynamically provision and destroy the required infrastructure on Azure.", + "commits_count": 39, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 2, + "total_project_lines": 1345, + "average_project_lines": 64, + "total_project_comment_lines": 92, + "average_project_comment_lines": 4, + "total_project_blank_lines": 317, + "average_blank_lines": 15, + "commits_by_month": { + "2022/3": 3, + "2022/1": 1, + "2021/9": 2, + "2021/8": 2, + "2021/4": 1, + "2021/1": 2, + "2020/12": 2, + "2020/11": 1, + "2020/9": 6, + "2020/8": 2, + "2020/4": 1, + "2020/3": 5, + "2020/2": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-02-16T23:03:03Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:49Z", + "repo": { + "name": "github.com/CMSgov/cmscloud-infra-mag-jmeter-aci", + "commit": "218f82158f2e0377797503694b4aff7a39cf81f1" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-02-16T23:03:03Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:49Z", - "repo": { - "name": "github.com/CMSgov/cmscloud-infra-mag-jmeter-aci", - "commit": "218f82158f2e0377797503694b4aff7a39cf81f1" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 32851, - "CodeBytes": 0, - "Lines": 591, - "Code": 400, - "Comment": 0, - "Blank": 191, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 7951, - "CodeBytes": 0, - "Lines": 314, - "Code": 213, - "Comment": 49, - "Blank": 52, - "Complexity": 1, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 6716, - "CodeBytes": 0, - "Lines": 206, - "Code": 174, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 1040, - "CodeBytes": 0, - "Lines": 31, - "Code": 20, - "Comment": 4, - "Blank": 7, - "Complexity": 2, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1162, - "CodeBytes": 0, - "Lines": 21, - "Code": 17, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 5854, - "CodeBytes": 0, - "Lines": 182, - "Code": 112, - "Comment": 39, - "Blank": 31, - "Complexity": 9, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 22982.71729061388, - "estimatedScheduleMonths_low": 3.395934805644865, - "estimatedPeople_low": 0.6593128477181508, - "estimatedCost_high": 71624.18488814413, - "estimatedScheduleMonths_high": 3.395934805644865, - "estimatedPeople_high": 0.6593128477181508, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 9 591 191 0 400 0\n(ULOC) 359\n-------------------------------------------------------------------------------\nTerraform 4 314 52 49 213 1\n(ULOC) 150\n-------------------------------------------------------------------------------\nYAML 4 206 32 0 174 0\n(ULOC) 120\n-------------------------------------------------------------------------------\nDockerfile 2 31 7 4 20 2\n(ULOC) 26\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nPython 1 182 31 39 112 9\n(ULOC) 123\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 21 1345 317 92 936 12\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 782\nDRYness % 0.58\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $25,201\nEstimated Schedule Effort (organic) 3.40 months\nEstimated People Required (organic) 0.66\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 55574 bytes, 0.056 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "HCL": 7951, - "Python": 5854, - "Dockerfile": 1040 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 32851, + "CodeBytes": 0, + "Lines": 591, + "Code": 400, + "Comment": 0, + "Blank": 191, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 7951, + "CodeBytes": 0, + "Lines": 314, + "Code": 213, + "Comment": 49, + "Blank": 52, + "Complexity": 1, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 6716, + "CodeBytes": 0, + "Lines": 206, + "Code": 174, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 1040, + "CodeBytes": 0, + "Lines": 31, + "Code": 20, + "Comment": 4, + "Blank": 7, + "Complexity": 2, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1162, + "CodeBytes": 0, + "Lines": 21, + "Code": 17, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 5854, + "CodeBytes": 0, + "Lines": 182, + "Code": 112, + "Comment": 39, + "Blank": 31, + "Complexity": 9, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 22982.71729061388, + "estimatedScheduleMonths_low": 3.395934805644865, + "estimatedPeople_low": 0.6593128477181508, + "estimatedCost_high": 71624.18488814413, + "estimatedScheduleMonths_high": 3.395934805644865, + "estimatedPeople_high": 0.6593128477181508, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 9 591 191 0 400 0\n(ULOC) 359\n-------------------------------------------------------------------------------\nTerraform 4 314 52 49 213 1\n(ULOC) 150\n-------------------------------------------------------------------------------\nYAML 4 206 32 0 174 0\n(ULOC) 120\n-------------------------------------------------------------------------------\nDockerfile 2 31 7 4 20 2\n(ULOC) 26\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nPython 1 182 31 39 112 9\n(ULOC) 123\n───────────────────────────────────────────────────────────────────────────────\nTotal 21 1345 317 92 936 12\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 782\nDRYness % 0.58\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $25,201\nEstimated Schedule Effort (organic) 3.40 months\nEstimated People Required (organic) 0.66\n───────────────────────────────────────────────────────────────────────────────\nProcessed 55574 bytes, 0.056 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HCL": 7951, + "Python": 5854, + "Dockerfile": 1040 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/coverage-inspector/coverage-inspector_data.json b/app/site/_data/CMSgov/coverage-inspector/coverage-inspector_data.json index 246da55bd0..f1c0bbce88 100644 --- a/app/site/_data/CMSgov/coverage-inspector/coverage-inspector_data.json +++ b/app/site/_data/CMSgov/coverage-inspector/coverage-inspector_data.json @@ -1,258 +1,258 @@ { - "url": "https://github.com/CMSgov/coverage-inspector", - "owner": "CMSgov", - "name": "coverage-inspector", - "description": "A tool for inspecting plan coverage of providers, facilities, and drugs", - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 8, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 8, - "closed_pull_requests_count": 0, - "forks_count": 7, - "stargazers_count": 0, - "watchers_count": 30, - "total_project_lines": 2, - "average_project_lines": 2, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 0, - "average_blank_lines": 0, - "commits_by_month": { - "2016/12": 1 + "url": "https://github.com/CMSgov/coverage-inspector", + "owner": "CMSgov", + "name": "coverage-inspector", + "description": "A tool for inspecting plan coverage of providers, facilities, and drugs", + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 8, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 8, + "closed_pull_requests_count": 0, + "forks_count": 7, + "stargazers_count": 0, + "watchers_count": 30, + "total_project_lines": 2, + "average_project_lines": 2, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 0, + "average_blank_lines": 0, + "commits_by_month": { + "2016/12": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2016-12-12T16:25:14Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:24Z", + "repo": { + "name": "github.com/CMSgov/coverage-inspector", + "commit": "70a1c9a2a7a27363bf090c82d33cb6c892efb72d" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2016-12-12T16:25:14Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:24Z", - "repo": { - "name": "github.com/CMSgov/coverage-inspector", - "commit": "70a1c9a2a7a27363bf090c82d33cb6c892efb72d" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 93, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 36.11130880546491, - "estimatedScheduleMonths_low": 0.2920997927220065, - "estimatedPeople_low": 0.01204374324362692, - "estimatedCost_high": 112.53861002292302, - "estimatedScheduleMonths_high": 0.2920997927220065, - "estimatedPeople_high": 0.01204374324362692, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 1 2 0 0 2 0\n(ULOC) 2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1 2 0 0 2 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2\nDRYness % 1.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $39\nEstimated Schedule Effort (organic) 0.29 months\nEstimated People Required (organic) 0.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 93 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 93, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 36.11130880546491, + "estimatedScheduleMonths_low": 0.2920997927220065, + "estimatedPeople_low": 0.01204374324362692, + "estimatedCost_high": 112.53861002292302, + "estimatedScheduleMonths_high": 0.2920997927220065, + "estimatedPeople_high": 0.01204374324362692, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 1 2 0 0 2 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 1 2 0 0 2 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2\nDRYness % 1.00\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $39\nEstimated Schedule Effort (organic) 0.29 months\nEstimated People Required (organic) 0.01\n───────────────────────────────────────────────────────────────────────────────\nProcessed 93 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/design-system/design-system_data.json b/app/site/_data/CMSgov/design-system/design-system_data.json index c84e31f113..69e4f03095 100644 --- a/app/site/_data/CMSgov/design-system/design-system_data.json +++ b/app/site/_data/CMSgov/design-system/design-system_data.json @@ -1,538 +1,538 @@ { - "url": "https://github.com/CMSgov/design-system", - "owner": "CMSgov", - "name": "design-system", - "description": "Open source design and front-end development resources for creating Section 508 compliant, responsive, and consistent websites.", - "commits_count": 2423, - "issues_count": 248, - "open_issues_count": 9, - "closed_issues_count": 239, - "pull_requests_count": 3098, - "open_pull_requests_count": 6, - "merged_pull_requests_count": 2312, - "closed_pull_requests_count": 780, - "forks_count": 88, - "stargazers_count": 324, - "watchers_count": 58, - "total_project_lines": 110321, - "average_project_lines": 97, - "total_project_comment_lines": 7652, - "average_project_comment_lines": 7, - "total_project_blank_lines": 10499, - "average_blank_lines": 9, - "commits_by_month": { - "2025/2": 20, - "2025/1": 10 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-17T05:00:00.000Z", - 1 - ], - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-09-24T05:00:00.000Z", - 1 - ], - [ - "2024-09-26T05:00:00.000Z", - 1 - ], - [ - "2024-10-15T05:00:00.000Z", - 1 - ], - [ - "2024-11-13T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/design-system", + "owner": "CMSgov", + "name": "design-system", + "description": "Open source design and front-end development resources for creating Section 508 compliant, responsive, and consistent websites.", + "commits_count": 2423, + "issues_count": 248, + "open_issues_count": 9, + "closed_issues_count": 239, + "pull_requests_count": 3098, + "open_pull_requests_count": 6, + "merged_pull_requests_count": 2312, + "closed_pull_requests_count": 780, + "forks_count": 88, + "stargazers_count": 324, + "watchers_count": 58, + "total_project_lines": 110321, + "average_project_lines": 97, + "total_project_comment_lines": 7652, + "average_project_comment_lines": 7, + "total_project_blank_lines": 10499, + "average_blank_lines": 9, + "commits_by_month": { + "2025/2": 20, + "2025/1": 10 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-17T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-10-21T05:00:00.000Z", - 1 - ], - [ - "2024-12-05T06:00:00.000Z", - 1 - ], - [ - "2024-12-16T06:00:00.000Z", - 1 - ], - [ - "2024-12-27T06:00:00.000Z", - 1 - ], - [ - "2025-01-23T06:00:00.000Z", - 1 - ], - [ - "2025-01-30T06:00:00.000Z", - 1 - ], - [ - "2025-01-31T06:00:00.000Z", - 1 - ] + [ + "2024-09-18T05:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2017-02-07T03:13:01Z", - "ossf_scorecard": { - "date": "2025-02-23T16:32:11Z", - "repo": { - "name": "github.com/CMSgov/design-system", - "commit": "b9c4f0e57c7b62022803ed4853df5ac1ac859439" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 16 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": 0, - "reason": "Project has not signed or included provenance with any releases.", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "35 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 1647027, - "CodeBytes": 0, - "Lines": 48775, - "Code": 38554, - "Comment": 5028, - "Blank": 5193, - "Complexity": 3129, - "Count": 666, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "MDX", - "Bytes": 487327, - "CodeBytes": 0, - "Lines": 11622, - "Code": 8571, - "Comment": 0, - "Blank": 3051, - "Complexity": 0, - "Count": 123, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 181995, - "CodeBytes": 0, - "Lines": 8164, - "Code": 6163, - "Comment": 613, - "Blank": 1388, - "Complexity": 0, - "Count": 115, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 113037, - "CodeBytes": 0, - "Lines": 4290, - "Code": 4290, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 91, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 612458, - "CodeBytes": 0, - "Lines": 23620, - "Code": 23620, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 50, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 365821, - "CodeBytes": 0, - "Lines": 9478, - "Code": 7159, - "Comment": 2031, - "Blank": 288, - "Complexity": 1218, - "Count": 39, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 77061, - "CodeBytes": 0, - "Lines": 1486, - "Code": 985, - "Comment": 0, - "Blank": 501, - "Complexity": 0, - "Count": 34, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 148601, - "CodeBytes": 0, - "Lines": 269, - "Code": 264, - "Comment": 5, - "Blank": 0, - "Complexity": 0, - "Count": 25, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 59826, - "CodeBytes": 0, - "Lines": 1496, - "Code": 1369, - "Comment": 10, - "Blank": 117, - "Complexity": 0, - "Count": 17, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Astro", - "Bytes": 43952, - "CodeBytes": 0, - "Lines": 1138, - "Code": 1017, - "Comment": 19, - "Blank": 102, - "Complexity": 16, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSX", - "Bytes": 12230, - "CodeBytes": 0, - "Lines": 391, - "Code": 315, - "Comment": 6, - "Blank": 70, - "Complexity": 5, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 1027, - "CodeBytes": 0, - "Lines": 38, - "Code": 33, - "Comment": 4, - "Blank": 1, - "Complexity": 1, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 96409, - "CodeBytes": 0, - "Lines": 1948, - "Code": 1948, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 1069, - "CodeBytes": 0, - "Lines": 37, - "Code": 25, - "Comment": 3, - "Blank": 9, - "Complexity": 9, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 852, - "CodeBytes": 0, - "Lines": 35, - "Code": 35, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 2917635.717699017, - "estimatedScheduleMonths_low": 21.39629746839563, - "estimatedPeople_low": 13.284400118694222, - "estimatedCost_high": 9092627.187563758, - "estimatedScheduleMonths_high": 21.39629746839563, - "estimatedPeople_high": 13.284400118694222, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 666 48775 5193 5028 38554 3129\n(ULOC) 22792\n-------------------------------------------------------------------------------\nMDX 123 11622 3051 0 8571 0\n(ULOC) 4588\n-------------------------------------------------------------------------------\nSass 115 8164 1388 613 6163 0\n(ULOC) 3709\n-------------------------------------------------------------------------------\nPlain Text 91 4290 0 0 4290 0\n(ULOC) 1016\n-------------------------------------------------------------------------------\nJSON 50 23620 0 0 23620 0\n(ULOC) 1851\n-------------------------------------------------------------------------------\nJavaScript 39 9478 288 2031 7159 1218\n(ULOC) 5470\n-------------------------------------------------------------------------------\nMarkdown 34 1486 501 0 985 0\n(ULOC) 812\n-------------------------------------------------------------------------------\nSVG 25 269 0 5 264 0\n(ULOC) 164\n-------------------------------------------------------------------------------\nHTML 17 1496 117 10 1369 0\n(ULOC) 877\n-------------------------------------------------------------------------------\nAstro 15 1138 102 19 1017 16\n(ULOC) 592\n-------------------------------------------------------------------------------\nJSX 9 391 70 6 315 5\n(ULOC) 221\n-------------------------------------------------------------------------------\nTypeScript Typings 7 38 1 4 33 1\n(ULOC) 34\n-------------------------------------------------------------------------------\nCSS 5 1948 0 0 1948 0\n(ULOC) 819\n-------------------------------------------------------------------------------\nShell 3 37 9 3 25 9\n(ULOC) 28\n-------------------------------------------------------------------------------\nYAML 2 35 0 0 35 0\n(ULOC) 22\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1201 112787 10720 7719 94348 4378\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 42192\nDRYness % 0.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $3,199,371\nEstimated Schedule Effort (organic) 21.40 months\nEstimated People Required (organic) 13.28\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 3848692 bytes, 3.849 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-20T05:00:00.000Z", + 1 + ], + [ + "2024-09-24T05:00:00.000Z", + 1 + ], + [ + "2024-09-26T05:00:00.000Z", + 1 + ], + [ + "2024-10-15T05:00:00.000Z", + 1 + ], + [ + "2024-11-13T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-10-21T05:00:00.000Z", + 1 + ], + [ + "2024-12-05T06:00:00.000Z", + 1 + ], + [ + "2024-12-16T06:00:00.000Z", + 1 + ], + [ + "2024-12-27T06:00:00.000Z", + 1 + ], + [ + "2025-01-23T06:00:00.000Z", + 1 + ], + [ + "2025-01-30T06:00:00.000Z", + 1 + ], + [ + "2025-01-31T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2017-02-07T03:13:01Z", + "ossf_scorecard": { + "date": "2025-02-23T16:32:11Z", + "repo": { + "name": "github.com/CMSgov/design-system", + "commit": "b9c4f0e57c7b62022803ed4853df5ac1ac859439" }, - "predominant_langs": { - "TypeScript": 1627475, - "MDX": 488201, - "SCSS": 182172, - "JavaScript": 68937, - "Shell": 1069 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "design-system", - "201 days 28:36:31.945147" - ] + "score": 5.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 16 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": 0, + "reason": "Project has not signed or included provenance with any releases.", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "35 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 1651517, + "CodeBytes": 0, + "Lines": 48907, + "Code": 38666, + "Comment": 5039, + "Blank": 5202, + "Complexity": 3135, + "Count": 666, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "MDX", + "Bytes": 488201, + "CodeBytes": 0, + "Lines": 11638, + "Code": 8582, + "Comment": 0, + "Blank": 3056, + "Complexity": 0, + "Count": 123, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 182172, + "CodeBytes": 0, + "Lines": 8166, + "Code": 6163, + "Comment": 616, + "Blank": 1387, + "Complexity": 0, + "Count": 115, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 113037, + "CodeBytes": 0, + "Lines": 4290, + "Code": 4290, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 91, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 612458, + "CodeBytes": 0, + "Lines": 23620, + "Code": 23620, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 50, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 365821, + "CodeBytes": 0, + "Lines": 9478, + "Code": 7159, + "Comment": 2031, + "Blank": 288, + "Complexity": 1218, + "Count": 39, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 77061, + "CodeBytes": 0, + "Lines": 1486, + "Code": 985, + "Comment": 0, + "Blank": 501, + "Complexity": 0, + "Count": 34, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 148601, + "CodeBytes": 0, + "Lines": 269, + "Code": 264, + "Comment": 5, + "Blank": 0, + "Complexity": 0, + "Count": 25, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 59826, + "CodeBytes": 0, + "Lines": 1496, + "Code": 1369, + "Comment": 10, + "Blank": 117, + "Complexity": 0, + "Count": 17, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Astro", + "Bytes": 43952, + "CodeBytes": 0, + "Lines": 1138, + "Code": 1017, + "Comment": 19, + "Blank": 102, + "Complexity": 16, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSX", + "Bytes": 12230, + "CodeBytes": 0, + "Lines": 391, + "Code": 315, + "Comment": 6, + "Blank": 70, + "Complexity": 5, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 1027, + "CodeBytes": 0, + "Lines": 38, + "Code": 33, + "Comment": 4, + "Blank": 1, + "Complexity": 1, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 96409, + "CodeBytes": 0, + "Lines": 1948, + "Code": 1948, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 1069, + "CodeBytes": 0, + "Lines": 37, + "Code": 25, + "Comment": 3, + "Blank": 9, + "Complexity": 9, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 852, + "CodeBytes": 0, + "Lines": 35, + "Code": 35, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 2921629.707280056, + "estimatedScheduleMonths_low": 21.407422823527263, + "estimatedPeople_low": 13.295672004937773, + "estimatedCost_high": 9105074.203492137, + "estimatedScheduleMonths_high": 21.407422823527263, + "estimatedPeople_high": 13.295672004937773, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 666 48907 5202 5039 38666 3135\n(ULOC) 22833\n-------------------------------------------------------------------------------\nMDX 123 11638 3056 0 8582 0\n(ULOC) 4595\n-------------------------------------------------------------------------------\nSass 115 8166 1387 616 6163 0\n(ULOC) 3710\n-------------------------------------------------------------------------------\nPlain Text 91 4290 0 0 4290 0\n(ULOC) 1016\n-------------------------------------------------------------------------------\nJSON 50 23620 0 0 23620 0\n(ULOC) 1851\n-------------------------------------------------------------------------------\nJavaScript 39 9478 288 2031 7159 1218\n(ULOC) 5470\n-------------------------------------------------------------------------------\nMarkdown 34 1486 501 0 985 0\n(ULOC) 812\n-------------------------------------------------------------------------------\nSVG 25 269 0 5 264 0\n(ULOC) 164\n-------------------------------------------------------------------------------\nHTML 17 1496 117 10 1369 0\n(ULOC) 877\n-------------------------------------------------------------------------------\nAstro 15 1138 102 19 1017 16\n(ULOC) 592\n-------------------------------------------------------------------------------\nJSX 9 391 70 6 315 5\n(ULOC) 221\n-------------------------------------------------------------------------------\nTypeScript Typings 7 38 1 4 33 1\n(ULOC) 34\n-------------------------------------------------------------------------------\nCSS 5 1948 0 0 1948 0\n(ULOC) 819\n-------------------------------------------------------------------------------\nShell 3 37 9 3 25 9\n(ULOC) 28\n-------------------------------------------------------------------------------\nYAML 2 35 0 0 35 0\n(ULOC) 22\n───────────────────────────────────────────────────────────────────────────────\nTotal 1201 112937 10733 7733 94471 4384\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 42241\nDRYness % 0.37\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,203,751\nEstimated Schedule Effort (organic) 21.41 months\nEstimated People Required (organic) 13.30\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3854233 bytes, 3.854 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 1627475, + "MDX": 488201, + "SCSS": 182172, + "JavaScript": 68937, + "Shell": 1069 + }, + "average_issue_resolution_time": [ + [ + "design-system", + "201 days 28:36:31.945147" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/distributed-load-testing-on-aws/distributed-load-testing-on-aws_data.json b/app/site/_data/CMSgov/distributed-load-testing-on-aws/distributed-load-testing-on-aws_data.json index 3a79d0835c..16b0d0b1de 100644 --- a/app/site/_data/CMSgov/distributed-load-testing-on-aws/distributed-load-testing-on-aws_data.json +++ b/app/site/_data/CMSgov/distributed-load-testing-on-aws/distributed-load-testing-on-aws_data.json @@ -1,282 +1,282 @@ { - "url": "https://github.com/CMSgov/distributed-load-testing-on-aws", - "owner": "CMSgov", - "name": "distributed-load-testing-on-aws", - "description": null, - "commits_count": 42, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 3, - "total_project_lines": 21007, - "average_project_lines": 2334, - "total_project_comment_lines": 1145, - "average_project_comment_lines": 127, - "total_project_blank_lines": 150, - "average_blank_lines": 17, - "commits_by_month": { - "2024/3": 2, - "2023/10": 1, - "2023/5": 2, - "2023/4": 1, - "2022/11": 3, - "2022/4": 11, - "2021/9": 5, - "2021/8": 1, - "2021/7": 1, - "2021/6": 3 + "url": "https://github.com/CMSgov/distributed-load-testing-on-aws", + "owner": "CMSgov", + "name": "distributed-load-testing-on-aws", + "description": null, + "commits_count": 42, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 3, + "total_project_lines": 21007, + "average_project_lines": 2334, + "total_project_comment_lines": 1145, + "average_project_comment_lines": 127, + "total_project_blank_lines": 150, + "average_blank_lines": 17, + "commits_by_month": { + "2024/3": 2, + "2023/10": 1, + "2023/5": 2, + "2023/4": 1, + "2022/11": 3, + "2022/4": 11, + "2021/9": 5, + "2021/8": 1, + "2021/7": 1, + "2021/6": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-06-11T22:00:51Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:56Z", + "repo": { + "name": "github.com/CMSgov/distributed-load-testing-on-aws", + "commit": "7e91c30eea13d0004c22979423adb2a5f510a565" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-06-11T22:00:51Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:56Z", - "repo": { - "name": "github.com/CMSgov/distributed-load-testing-on-aws", - "commit": "7e91c30eea13d0004c22979423adb2a5f510a565" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "CloudFormation (YAML)", - "Bytes": 701104, - "CodeBytes": 0, - "Lines": 20993, - "Code": 19704, - "Comment": 1145, - "Blank": 144, - "Complexity": 1677, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1186, - "CodeBytes": 0, - "Lines": 14, - "Code": 8, - "Comment": 0, - "Blank": 6, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 563675.2403503162, - "estimatedScheduleMonths_low": 11.455599610671612, - "estimatedPeople_low": 4.793587295779041, - "estimatedCost_high": 1756658.2367616002, - "estimatedScheduleMonths_high": 11.455599610671612, - "estimatedPeople_high": 4.793587295779041, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCloudFormation (YAM\u2026 8 20993 144 1145 19704 1677\n(ULOC) 2415\n-------------------------------------------------------------------------------\nMarkdown 1 14 6 0 8 0\n(ULOC) 9\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 9 21007 150 1145 19712 1677\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2423\nDRYness % 0.12\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $618,105\nEstimated Schedule Effort (organic) 11.46 months\nEstimated People Required (organic) 4.79\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 702290 bytes, 0.702 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "CloudFormation (YAML)", + "Bytes": 701104, + "CodeBytes": 0, + "Lines": 20993, + "Code": 19704, + "Comment": 1145, + "Blank": 144, + "Complexity": 1677, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1186, + "CodeBytes": 0, + "Lines": 14, + "Code": 8, + "Comment": 0, + "Blank": 6, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 563675.2403503162, + "estimatedScheduleMonths_low": 11.455599610671612, + "estimatedPeople_low": 4.793587295779041, + "estimatedCost_high": 1756658.2367616002, + "estimatedScheduleMonths_high": 11.455599610671612, + "estimatedPeople_high": 4.793587295779041, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nCloudFormation (YAM… 8 20993 144 1145 19704 1677\n(ULOC) 2415\n-------------------------------------------------------------------------------\nMarkdown 1 14 6 0 8 0\n(ULOC) 9\n───────────────────────────────────────────────────────────────────────────────\nTotal 9 21007 150 1145 19712 1677\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2423\nDRYness % 0.12\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $618,105\nEstimated Schedule Effort (organic) 11.46 months\nEstimated People Required (organic) 4.79\n───────────────────────────────────────────────────────────────────────────────\nProcessed 702290 bytes, 0.702 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/downshift/downshift_data.json b/app/site/_data/CMSgov/downshift/downshift_data.json index e09a2eeb90..988ce72d7c 100644 --- a/app/site/_data/CMSgov/downshift/downshift_data.json +++ b/app/site/_data/CMSgov/downshift/downshift_data.json @@ -1,484 +1,484 @@ { - "url": "https://github.com/CMSgov/downshift", - "owner": "CMSgov", - "name": "downshift", - "description": "\ud83c\udfce Primitives to build simple, flexible, WAI-ARIA compliant enhanced input React components", - "commits_count": 313, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 3, - "stargazers_count": 0, - "watchers_count": 22, - "total_project_lines": 8131, - "average_project_lines": 106, - "total_project_comment_lines": 398, - "average_project_comment_lines": 5, - "total_project_blank_lines": 858, - "average_blank_lines": 11, - "commits_by_month": { - "2018/3": 14, - "2018/2": 11, - "2018/1": 5 + "url": "https://github.com/CMSgov/downshift", + "owner": "CMSgov", + "name": "downshift", + "description": "🏎 Primitives to build simple, flexible, WAI-ARIA compliant enhanced input React components", + "commits_count": 313, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 3, + "stargazers_count": 0, + "watchers_count": 22, + "total_project_lines": 8131, + "average_project_lines": 106, + "total_project_comment_lines": 398, + "average_project_comment_lines": 5, + "total_project_blank_lines": 858, + "average_blank_lines": 11, + "commits_by_month": { + "2018/3": 14, + "2018/2": 11, + "2018/1": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2018-03-20T14:22:52Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:12Z", + "repo": { + "name": "github.com/CMSgov/downshift", + "commit": "c2b215cdbb7115e7b4babb1c30bcfb09a58f0f8e" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2018-03-20T14:22:52Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:12Z", - "repo": { - "name": "github.com/CMSgov/downshift", - "commit": "c2b215cdbb7115e7b4babb1c30bcfb09a58f0f8e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 6 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 178638, - "CodeBytes": 0, - "Lines": 6231, - "Code": 5354, - "Comment": 398, - "Blank": 479, - "Complexity": 187, - "Count": 56, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 76201, - "CodeBytes": 0, - "Lines": 1386, - "Code": 1043, - "Comment": 0, - "Blank": 343, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 4666, - "CodeBytes": 0, - "Lines": 156, - "Code": 156, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 5060, - "CodeBytes": 0, - "Lines": 142, - "Code": 127, - "Comment": 0, - "Blank": 15, - "Complexity": 14, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1072, - "CodeBytes": 0, - "Lines": 20, - "Code": 17, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 2454, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 5339, - "CodeBytes": 0, - "Lines": 177, - "Code": 159, - "Comment": 0, - "Blank": 18, - "Complexity": 7, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 308, - "CodeBytes": 0, - "Lines": 18, - "Code": 18, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 186508.26037963474, - "estimatedScheduleMonths_low": 7.524750228409603, - "estimatedPeople_low": 2.414657234719331, - "estimatedCost_high": 581241.1977087096, - "estimatedScheduleMonths_high": 7.524750228409603, - "estimatedPeople_high": 2.414657234719331, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 56 6231 479 398 5354 187\n(ULOC) 3139\n-------------------------------------------------------------------------------\nMarkdown 10 1386 343 0 1043 0\n(ULOC) 915\n-------------------------------------------------------------------------------\nJSON 5 156 0 0 156 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nTypeScript 2 142 15 0 127 14\n(ULOC) 99\n-------------------------------------------------------------------------------\nLicense 1 20 3 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nSVG 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nTypeScript Typings 1 177 18 0 159 7\n(ULOC) 126\n-------------------------------------------------------------------------------\nYAML 1 18 0 0 18 0\n(ULOC) 18\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 77 8131 858 398 6875 208\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 4394\nDRYness % 0.54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $204,518\nEstimated Schedule Effort (organic) 7.52 months\nEstimated People Required (organic) 2.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 273738 bytes, 0.274 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 167252, - "TypeScript": 5060 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@storybook/react", - 5.9342465753, - "2025-03-01T04:14:20.000" - ], - [ - "babel-jest", - 5.3205479452, - "2025-03-01T04:14:20.000" - ], - [ - "babel-preset-env", - 0.0, - "2025-03-01T04:14:20.000" - ], - [ - "babel-preset-react-native", - 0.0, - "2025-03-01T04:14:20.000" - ], - [ - "cross-env", - 1.2547945205, - "2025-03-01T04:14:20.000" - ], - [ - "cypress", - 6.9945205479, - "2025-03-01T04:14:20.000" - ], - [ - "enzyme", - 0.8356164384, - "2025-03-01T04:14:20.000" - ], - [ - "enzyme-adapter-react-16", - 0.0, - "2025-03-01T04:14:20.000" - ], - [ - "enzyme-to-json", - 0.0, - "2025-03-01T04:14:20.000" - ], - [ - "eslint-plugin-cypress", - 0.5397260274, - "2025-03-01T04:14:20.000" - ], - [ - "jest-serializer-html", - 3.5260273973, - "2025-03-01T04:14:20.000" - ], - [ - "kcd-scripts", - 5.5808219178, - "2025-03-01T04:14:20.000" - ], - [ - "npm-run-all", - 0.0, - "2025-03-01T04:14:20.000" - ], - [ - "preact", - 5.3315068493, - "2025-03-01T04:14:20.000" - ], - [ - "preact-render-to-string", - 6.4136986301, - "2025-03-01T04:14:20.000" - ], - [ - "preval.macro", - 2.3917808219, - "2025-03-01T04:14:20.000" - ], - [ - "prop-types", - 0.0, - "2025-03-01T04:14:20.000" - ], - [ - "react", - 5.3287671233, - "2025-03-01T04:14:20.000" - ], - [ - "react-dom", - 5.3287671233, - "2025-03-01T04:14:20.000" - ], - [ - "react-native", - -0.002739726, - "2025-03-01T04:14:20.000" - ], - [ - "react-test-renderer", - 5.3287671233, - "2025-03-01T04:14:20.000" - ], - [ - "serve", - 6.4054794521, - "2025-03-01T04:14:20.000" - ], - [ - "typescript", - 6.7150684932, - "2025-03-01T04:14:20.000" - ] + "score": 3.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 6 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 178638, + "CodeBytes": 0, + "Lines": 6231, + "Code": 5354, + "Comment": 398, + "Blank": 479, + "Complexity": 187, + "Count": 56, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 76201, + "CodeBytes": 0, + "Lines": 1386, + "Code": 1043, + "Comment": 0, + "Blank": 343, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 4666, + "CodeBytes": 0, + "Lines": 156, + "Code": 156, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 5060, + "CodeBytes": 0, + "Lines": 142, + "Code": 127, + "Comment": 0, + "Blank": 15, + "Complexity": 14, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1072, + "CodeBytes": 0, + "Lines": 20, + "Code": 17, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 2454, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 5339, + "CodeBytes": 0, + "Lines": 177, + "Code": 159, + "Comment": 0, + "Blank": 18, + "Complexity": 7, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 308, + "CodeBytes": 0, + "Lines": 18, + "Code": 18, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 186508.26037963474, + "estimatedScheduleMonths_low": 7.524750228409603, + "estimatedPeople_low": 2.414657234719331, + "estimatedCost_high": 581241.1977087096, + "estimatedScheduleMonths_high": 7.524750228409603, + "estimatedPeople_high": 2.414657234719331, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 56 6231 479 398 5354 187\n(ULOC) 3139\n-------------------------------------------------------------------------------\nMarkdown 10 1386 343 0 1043 0\n(ULOC) 915\n-------------------------------------------------------------------------------\nJSON 5 156 0 0 156 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nTypeScript 2 142 15 0 127 14\n(ULOC) 99\n-------------------------------------------------------------------------------\nLicense 1 20 3 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nSVG 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nTypeScript Typings 1 177 18 0 159 7\n(ULOC) 126\n-------------------------------------------------------------------------------\nYAML 1 18 0 0 18 0\n(ULOC) 18\n───────────────────────────────────────────────────────────────────────────────\nTotal 77 8131 858 398 6875 208\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 4394\nDRYness % 0.54\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $204,518\nEstimated Schedule Effort (organic) 7.52 months\nEstimated People Required (organic) 2.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 273738 bytes, 0.274 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 167252, + "TypeScript": 5060 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@storybook/react", + 5.9342465753, + "2025-03-01T04:14:20.000" + ], + [ + "babel-jest", + 5.3205479452, + "2025-03-01T04:14:20.000" + ], + [ + "babel-preset-env", + 0.0, + "2025-03-01T04:14:20.000" + ], + [ + "babel-preset-react-native", + 0.0, + "2025-03-01T04:14:20.000" + ], + [ + "cross-env", + 1.2547945205, + "2025-03-01T04:14:20.000" + ], + [ + "cypress", + 6.9945205479, + "2025-03-01T04:14:20.000" + ], + [ + "enzyme", + 0.8356164384, + "2025-03-01T04:14:20.000" + ], + [ + "enzyme-adapter-react-16", + 0.0, + "2025-03-01T04:14:20.000" + ], + [ + "enzyme-to-json", + 0.0, + "2025-03-01T04:14:20.000" + ], + [ + "eslint-plugin-cypress", + 0.5397260274, + "2025-03-01T04:14:20.000" + ], + [ + "jest-serializer-html", + 3.5260273973, + "2025-03-01T04:14:20.000" + ], + [ + "kcd-scripts", + 5.5808219178, + "2025-03-01T04:14:20.000" + ], + [ + "npm-run-all", + 0.0, + "2025-03-01T04:14:20.000" + ], + [ + "preact", + 5.3315068493, + "2025-03-01T04:14:20.000" + ], + [ + "preact-render-to-string", + 6.4136986301, + "2025-03-01T04:14:20.000" + ], + [ + "preval.macro", + 2.3917808219, + "2025-03-01T04:14:20.000" + ], + [ + "prop-types", + 0.0, + "2025-03-01T04:14:20.000" + ], + [ + "react", + 5.3287671233, + "2025-03-01T04:14:20.000" + ], + [ + "react-dom", + 5.3287671233, + "2025-03-01T04:14:20.000" + ], + [ + "react-native", + -0.002739726, + "2025-03-01T04:14:20.000" + ], + [ + "react-test-renderer", + 5.3287671233, + "2025-03-01T04:14:20.000" + ], + [ + "serve", + 6.4054794521, + "2025-03-01T04:14:20.000" + ], + [ + "typescript", + 6.7150684932, + "2025-03-01T04:14:20.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/dpc-app/dpc-app_data.json b/app/site/_data/CMSgov/dpc-app/dpc-app_data.json index 861f67001a..94c5525782 100644 --- a/app/site/_data/CMSgov/dpc-app/dpc-app_data.json +++ b/app/site/_data/CMSgov/dpc-app/dpc-app_data.json @@ -1,718 +1,718 @@ { - "url": "https://github.com/CMSgov/dpc-app", - "owner": "CMSgov", - "name": "dpc-app", - "description": "Data @ the point of care application", - "commits_count": 2054, - "issues_count": 6, - "open_issues_count": 2, - "closed_issues_count": 4, - "pull_requests_count": 2483, - "open_pull_requests_count": 9, - "merged_pull_requests_count": 1852, - "closed_pull_requests_count": 622, - "forks_count": 18, - "stargazers_count": 46, - "watchers_count": 19, - "total_project_lines": 620191, - "average_project_lines": 344, - "total_project_comment_lines": 9487, - "average_project_comment_lines": 5, - "total_project_blank_lines": 18238, - "average_blank_lines": 10, - "commits_by_month": { - "2025/2": 30 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 2 - ], - [ - "2024-09-19T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-09-25T05:00:00.000Z", - 1 - ], - [ - "2024-09-30T05:00:00.000Z", - 1 - ], - [ - "2024-10-08T05:00:00.000Z", - 1 - ], - [ - "2024-10-15T05:00:00.000Z", - 1 - ], - [ - "2024-12-19T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/dpc-app", + "owner": "CMSgov", + "name": "dpc-app", + "description": "Data @ the point of care application", + "commits_count": 2054, + "issues_count": 6, + "open_issues_count": 2, + "closed_issues_count": 4, + "pull_requests_count": 2483, + "open_pull_requests_count": 9, + "merged_pull_requests_count": 1852, + "closed_pull_requests_count": 622, + "forks_count": 18, + "stargazers_count": 46, + "watchers_count": 19, + "total_project_lines": 620191, + "average_project_lines": 344, + "total_project_comment_lines": 9487, + "average_project_comment_lines": 5, + "total_project_blank_lines": 18238, + "average_blank_lines": 10, + "commits_by_month": { + "2025/2": 30 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 2 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2019-02-04T15:45:48Z", - "ossf_scorecard": { - "date": "2025-02-23T16:34:12Z", - "repo": { - "name": "github.com/CMSgov/dpc-app", - "commit": "dc2ea28519dcc2f4dabb45c0fa86d53c47e0cf27" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.7, - "checks": [ - { - "details": null, - "score": 9, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 13 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 0, - "reason": "dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "43 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 2214407, - "CodeBytes": 0, - "Lines": 54903, - "Code": 41291, - "Comment": 4082, - "Blank": 9530, - "Complexity": 1062, - "Count": 584, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 1066005, - "CodeBytes": 0, - "Lines": 30055, - "Code": 22277, - "Comment": 3419, - "Blank": 4359, - "Complexity": 529, - "Count": 546, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby HTML", - "Bytes": 352558, - "CodeBytes": 0, - "Lines": 6560, - "Code": 5812, - "Comment": 159, - "Blank": 589, - "Complexity": 356, - "Count": 145, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 180836, - "CodeBytes": 0, - "Lines": 5274, - "Code": 4094, - "Comment": 713, - "Blank": 467, - "Complexity": 0, - "Count": 83, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 75774, - "CodeBytes": 0, - "Lines": 3748, - "Code": 3077, - "Comment": 97, - "Blank": 574, - "Complexity": 1, - "Count": 56, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 7904498, - "CodeBytes": 0, - "Lines": 157328, - "Code": 157074, - "Comment": 88, - "Blank": 166, - "Complexity": 0, - "Count": 55, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 2762547, - "CodeBytes": 0, - "Lines": 24418, - "Code": 24391, - "Comment": 24, - "Blank": 3, - "Complexity": 0, - "Count": 47, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 5043748, - "CodeBytes": 0, - "Lines": 137995, - "Code": 137993, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 39, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 73917, - "CodeBytes": 0, - "Lines": 2442, - "Code": 1717, - "Comment": 317, - "Blank": 408, - "Complexity": 380, - "Count": 33, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 35795, - "CodeBytes": 0, - "Lines": 1015, - "Code": 716, - "Comment": 108, - "Blank": 191, - "Complexity": 96, - "Count": 29, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 94969, - "CodeBytes": 0, - "Lines": 3394, - "Code": 2881, - "Comment": 73, - "Blank": 440, - "Complexity": 475, - "Count": 26, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 87670, - "CodeBytes": 0, - "Lines": 1558, - "Code": 1128, - "Comment": 0, - "Blank": 430, - "Complexity": 0, - "Count": 25, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 75829, - "CodeBytes": 0, - "Lines": 1190, - "Code": 1063, - "Comment": 56, - "Blank": 71, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 8107, - "CodeBytes": 0, - "Lines": 51, - "Code": 43, - "Comment": 0, - "Blank": 8, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 5085665, - "CodeBytes": 0, - "Lines": 30563, - "Code": 30563, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Rakefile", - "Bytes": 2098, - "CodeBytes": 0, - "Lines": 74, - "Code": 37, - "Comment": 19, - "Blank": 18, - "Complexity": 2, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 45225, - "CodeBytes": 0, - "Lines": 2779, - "Code": 2252, - "Comment": 76, - "Blank": 451, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 1388, - "CodeBytes": 0, - "Lines": 104, - "Code": 68, - "Comment": 12, - "Blank": 24, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 6923, - "CodeBytes": 0, - "Lines": 215, - "Code": 128, - "Comment": 39, - "Blank": 48, - "Complexity": 56, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 8402, - "CodeBytes": 0, - "Lines": 310, - "Code": 256, - "Comment": 20, - "Blank": 34, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 8846, - "CodeBytes": 0, - "Lines": 261, - "Code": 185, - "Comment": 17, - "Blank": 59, - "Complexity": 1, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 232, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Autoconf", - "Bytes": 205, - "CodeBytes": 0, - "Lines": 11, - "Code": 11, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 2634, - "CodeBytes": 0, - "Lines": 107, - "Code": 70, - "Comment": 24, - "Blank": 13, - "Complexity": 8, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 14595309.506055778, - "estimatedScheduleMonths_low": 39.448262472311114, - "estimatedPeople_low": 36.0441624100062, - "estimatedCost_high": 45485358.99139993, - "estimatedScheduleMonths_high": 39.448262472311114, - "estimatedPeople_high": 36.0441624100062, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 584 54903 9530 4082 41291 1062\n(ULOC) 21456\n-------------------------------------------------------------------------------\nRuby 546 30055 4359 3419 22277 529\n(ULOC) 11733\n-------------------------------------------------------------------------------\nRuby HTML 145 6560 589 159 5812 356\n(ULOC) 2685\n-------------------------------------------------------------------------------\nYAML 83 5274 467 713 4094 0\n(ULOC) 2032\n-------------------------------------------------------------------------------\nSass 56 3748 574 97 3077 1\n(ULOC) 1392\n-------------------------------------------------------------------------------\nXML 55 157328 166 88 157074 0\n(ULOC) 4963\n-------------------------------------------------------------------------------\nSVG 47 24418 3 24 24391 0\n(ULOC) 19826\n-------------------------------------------------------------------------------\nJSON 39 137995 2 0 137993 0\n(ULOC) 4604\n-------------------------------------------------------------------------------\nJavaScript 33 2442 408 317 1717 380\n(ULOC) 870\n-------------------------------------------------------------------------------\nShell 29 1015 191 108 716 96\n(ULOC) 394\n-------------------------------------------------------------------------------\nGo 26 3394 440 73 2881 475\n(ULOC) 1545\n-------------------------------------------------------------------------------\nMarkdown 25 1558 430 0 1128 0\n(ULOC) 967\n-------------------------------------------------------------------------------\nHTML 13 1190 71 56 1063 0\n(ULOC) 368\n-------------------------------------------------------------------------------\nPlain Text 11 51 8 0 43 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nCSV 9 30563 0 0 30563 0\n(ULOC) 30558\n-------------------------------------------------------------------------------\nRakefile 9 74 18 19 37 2\n(ULOC) 27\n-------------------------------------------------------------------------------\nCSS 4 2779 451 76 2252 0\n(ULOC) 1079\n-------------------------------------------------------------------------------\nDocker ignore 4 104 24 12 68 0\n(ULOC) 43\n-------------------------------------------------------------------------------\nDockerfile 4 215 48 39 128 56\n(ULOC) 82\n-------------------------------------------------------------------------------\nGemfile 4 310 34 20 256 0\n(ULOC) 145\n-------------------------------------------------------------------------------\nMakefile 4 261 59 17 185 1\n(ULOC) 181\n-------------------------------------------------------------------------------\nProperties File 3 6 0 0 6 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nAutoconf 2 11 0 0 11 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nBASH 1 107 13 24 70 8\n(ULOC) 81\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1737 464370 17887 9343 437140 2966\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 104706\nDRYness % 0.23\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $16,004,676\nEstimated Schedule Effort (organic) 39.45 months\nEstimated People Required (organic) 36.04\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 25138660 bytes, 25.139 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-19T05:00:00.000Z", + 1 + ], + [ + "2024-09-23T05:00:00.000Z", + 1 + ], + [ + "2024-09-25T05:00:00.000Z", + 1 + ], + [ + "2024-09-30T05:00:00.000Z", + 1 + ], + [ + "2024-10-08T05:00:00.000Z", + 1 + ], + [ + "2024-10-15T05:00:00.000Z", + 1 + ], + [ + "2024-12-19T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2019-02-04T15:45:48Z", + "ossf_scorecard": { + "date": "2025-02-23T16:34:12Z", + "repo": { + "name": "github.com/CMSgov/dpc-app", + "commit": "dc2ea28519dcc2f4dabb45c0fa86d53c47e0cf27" }, - "predominant_langs": { - "Java": 2208808, - "Ruby": 1081758, - "HTML": 428344, - "Go": 94969, - "SCSS": 75774, - "CSS": 45225, - "JavaScript": 43792, - "Shell": 38429, - "Makefile": 8846, - "Dockerfile": 6923 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "dpc-app", - "24 days 23:02:31.5" - ] + "score": 4.7, + "checks": [ + { + "details": null, + "score": 9, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 13 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 0, + "reason": "dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "43 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 2210937, + "CodeBytes": 0, + "Lines": 54720, + "Code": 41168, + "Comment": 4078, + "Blank": 9474, + "Complexity": 1065, + "Count": 583, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 1066469, + "CodeBytes": 0, + "Lines": 30065, + "Code": 22285, + "Comment": 3419, + "Blank": 4361, + "Complexity": 529, + "Count": 546, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby HTML", + "Bytes": 352515, + "CodeBytes": 0, + "Lines": 6556, + "Code": 5808, + "Comment": 159, + "Blank": 589, + "Complexity": 358, + "Count": 145, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 181058, + "CodeBytes": 0, + "Lines": 5276, + "Code": 4097, + "Comment": 713, + "Blank": 466, + "Complexity": 0, + "Count": 83, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 75774, + "CodeBytes": 0, + "Lines": 3748, + "Code": 3077, + "Comment": 97, + "Blank": 574, + "Complexity": 1, + "Count": 56, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 7906760, + "CodeBytes": 0, + "Lines": 157364, + "Code": 157120, + "Comment": 78, + "Blank": 166, + "Complexity": 0, + "Count": 55, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 2762547, + "CodeBytes": 0, + "Lines": 24418, + "Code": 24391, + "Comment": 24, + "Blank": 3, + "Complexity": 0, + "Count": 47, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 5043768, + "CodeBytes": 0, + "Lines": 137995, + "Code": 137993, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 39, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 73917, + "CodeBytes": 0, + "Lines": 2442, + "Code": 1717, + "Comment": 317, + "Blank": 408, + "Complexity": 380, + "Count": 33, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 35795, + "CodeBytes": 0, + "Lines": 1015, + "Code": 716, + "Comment": 108, + "Blank": 191, + "Complexity": 96, + "Count": 29, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 94969, + "CodeBytes": 0, + "Lines": 3394, + "Code": 2881, + "Comment": 73, + "Blank": 440, + "Complexity": 475, + "Count": 26, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 87395, + "CodeBytes": 0, + "Lines": 1554, + "Code": 1125, + "Comment": 0, + "Blank": 429, + "Complexity": 0, + "Count": 25, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 75829, + "CodeBytes": 0, + "Lines": 1190, + "Code": 1063, + "Comment": 56, + "Blank": 71, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 8107, + "CodeBytes": 0, + "Lines": 51, + "Code": 43, + "Comment": 0, + "Blank": 8, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 5085665, + "CodeBytes": 0, + "Lines": 30563, + "Code": 30563, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Rakefile", + "Bytes": 2098, + "CodeBytes": 0, + "Lines": 74, + "Code": 37, + "Comment": 19, + "Blank": 18, + "Complexity": 2, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 45225, + "CodeBytes": 0, + "Lines": 2779, + "Code": 2252, + "Comment": 76, + "Blank": 451, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 1388, + "CodeBytes": 0, + "Lines": 104, + "Code": 68, + "Comment": 12, + "Blank": 24, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 6923, + "CodeBytes": 0, + "Lines": 215, + "Code": 128, + "Comment": 39, + "Blank": 48, + "Complexity": 56, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 8402, + "CodeBytes": 0, + "Lines": 310, + "Code": 256, + "Comment": 20, + "Blank": 34, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 8846, + "CodeBytes": 0, + "Lines": 261, + "Code": 185, + "Comment": 17, + "Blank": 59, + "Complexity": 1, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 232, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Autoconf", + "Bytes": 205, + "CodeBytes": 0, + "Lines": 11, + "Code": 11, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 2634, + "CodeBytes": 0, + "Lines": 107, + "Code": 70, + "Comment": 24, + "Blank": 13, + "Complexity": 8, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 14592750.312655851, + "estimatedScheduleMonths_low": 39.44563387001982, + "estimatedPeople_low": 36.040243810359456, + "estimatedCost_high": 45477383.42702592, + "estimatedScheduleMonths_high": 39.44563387001982, + "estimatedPeople_high": 36.040243810359456, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 583 54720 9474 4078 41168 1065\n(ULOC) 21410\n-------------------------------------------------------------------------------\nRuby 546 30065 4361 3419 22285 529\n(ULOC) 11735\n-------------------------------------------------------------------------------\nRuby HTML 145 6556 589 159 5808 358\n(ULOC) 2685\n-------------------------------------------------------------------------------\nYAML 83 5276 466 713 4097 0\n(ULOC) 2037\n-------------------------------------------------------------------------------\nSass 56 3748 574 97 3077 1\n(ULOC) 1392\n-------------------------------------------------------------------------------\nXML 55 157364 166 78 157120 0\n(ULOC) 4990\n-------------------------------------------------------------------------------\nSVG 47 24418 3 24 24391 0\n(ULOC) 19826\n-------------------------------------------------------------------------------\nJSON 39 137995 2 0 137993 0\n(ULOC) 4604\n-------------------------------------------------------------------------------\nJavaScript 33 2442 408 317 1717 380\n(ULOC) 870\n-------------------------------------------------------------------------------\nShell 29 1015 191 108 716 96\n(ULOC) 394\n-------------------------------------------------------------------------------\nGo 26 3394 440 73 2881 475\n(ULOC) 1545\n-------------------------------------------------------------------------------\nMarkdown 25 1554 429 0 1125 0\n(ULOC) 965\n-------------------------------------------------------------------------------\nHTML 13 1190 71 56 1063 0\n(ULOC) 368\n-------------------------------------------------------------------------------\nPlain Text 11 51 8 0 43 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nCSV 9 30563 0 0 30563 0\n(ULOC) 30558\n-------------------------------------------------------------------------------\nRakefile 9 74 18 19 37 2\n(ULOC) 27\n-------------------------------------------------------------------------------\nCSS 4 2779 451 76 2252 0\n(ULOC) 1079\n-------------------------------------------------------------------------------\nDocker ignore 4 104 24 12 68 0\n(ULOC) 43\n-------------------------------------------------------------------------------\nDockerfile 4 215 48 39 128 56\n(ULOC) 82\n-------------------------------------------------------------------------------\nGemfile 4 310 34 20 256 0\n(ULOC) 145\n-------------------------------------------------------------------------------\nMakefile 4 261 59 17 185 1\n(ULOC) 181\n-------------------------------------------------------------------------------\nProperties File 3 6 0 0 6 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nAutoconf 2 11 0 0 11 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nBASH 1 107 13 24 70 8\n(ULOC) 81\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 1736 464227 17831 9329 437067 2971\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 104695\nDRYness % 0.23\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $16,001,870\nEstimated Schedule Effort (organic) 39.45 months\nEstimated People Required (organic) 36.04\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25137840 bytes, 25.138 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 2208808, + "Ruby": 1081758, + "HTML": 428344, + "Go": 94969, + "SCSS": 75774, + "CSS": 45225, + "JavaScript": 43792, + "Shell": 38429, + "Makefile": 8846, + "Dockerfile": 6923 + }, + "average_issue_resolution_time": [ + [ + "dpc-app", + "24 days 23:02:31.5" + ] + ], + "repo_dependency_libyear_list": [ + [ + "aiohttp", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "ansi-regex", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "bzt", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "newman", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "numpy", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "requests", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "setuptools", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "urllib3", + 0.0, + "2025-03-01T19:06:12.000" + ], + [ + "wheel", + 0.0, + "2025-03-01T19:06:12.000" ], - "repo_dependency_libyear_list": [ - [ - "aiohttp", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "ansi-regex", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "bzt", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "newman", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "numpy", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "requests", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "setuptools", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "urllib3", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "wheel", - 0.0, - "2025-03-01T19:06:12.000" - ], - [ - "zipp", - 0.0, - "2025-03-01T19:06:12.000" - ] + [ + "zipp", + 0.0, + "2025-03-01T19:06:12.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/dpc-static-site/dpc-static-site_data.json b/app/site/_data/CMSgov/dpc-static-site/dpc-static-site_data.json index e5c6624496..823d469a12 100644 --- a/app/site/_data/CMSgov/dpc-static-site/dpc-static-site_data.json +++ b/app/site/_data/CMSgov/dpc-static-site/dpc-static-site_data.json @@ -1,564 +1,564 @@ { - "url": "https://github.com/CMSgov/dpc-static-site", - "owner": "CMSgov", - "name": "dpc-static-site", - "description": null, - "commits_count": 115, - "issues_count": 6, - "open_issues_count": 1, - "closed_issues_count": 5, - "pull_requests_count": 132, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 114, - "closed_pull_requests_count": 18, - "forks_count": 3, - "stargazers_count": 6, - "watchers_count": 20, - "total_project_lines": 314482, - "average_project_lines": 75, - "total_project_comment_lines": 18940, - "average_project_comment_lines": 4, - "total_project_blank_lines": 17973, - "average_blank_lines": 4, - "commits_by_month": { - "2025/2": 3, - "2025/1": 2, - "2024/12": 2, - "2024/10": 2, - "2024/9": 3, - "2024/8": 1, - "2024/7": 3, - "2024/6": 2, - "2024/5": 2, - "2024/4": 1, - "2024/3": 3, - "2024/1": 1, - "2023/10": 3, - "2023/9": 2 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-18T05:00:00.000Z", - 1 - ], - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-10-09T05:00:00.000Z", - 1 - ], - [ - "2024-12-30T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/dpc-static-site", + "owner": "CMSgov", + "name": "dpc-static-site", + "description": null, + "commits_count": 115, + "issues_count": 6, + "open_issues_count": 1, + "closed_issues_count": 5, + "pull_requests_count": 132, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 114, + "closed_pull_requests_count": 18, + "forks_count": 3, + "stargazers_count": 6, + "watchers_count": 20, + "total_project_lines": 314482, + "average_project_lines": 75, + "total_project_comment_lines": 18940, + "average_project_comment_lines": 4, + "total_project_blank_lines": 17973, + "average_blank_lines": 4, + "commits_by_month": { + "2025/2": 3, + "2025/1": 2, + "2024/12": 2, + "2024/10": 2, + "2024/9": 3, + "2024/8": 1, + "2024/7": 3, + "2024/6": 2, + "2024/5": 2, + "2024/4": 1, + "2024/3": 3, + "2024/1": 1, + "2023/10": 3, + "2023/9": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-18T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-03-31T20:05:10Z", - "ossf_scorecard": { - "date": "2025-02-23T16:38:34Z", - "repo": { - "name": "github.com/CMSgov/dpc-static-site", - "commit": "eb94ac81e05cf8cc4b3d948b434117040b1cb91b" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 7, - "reason": "22 out of 30 merged PRs checked by a CI test -- score normalized to 7", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 3, - "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 4, - "reason": "6 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "HTML", - "Bytes": 15843944, - "CodeBytes": 0, - "Lines": 137053, - "Code": 115368, - "Comment": 11837, - "Blank": 9848, - "Complexity": 0, - "Count": 3764, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 148796, - "CodeBytes": 0, - "Lines": 3551, - "Code": 2795, - "Comment": 0, - "Blank": 756, - "Complexity": 0, - "Count": 113, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 4841352, - "CodeBytes": 0, - "Lines": 52473, - "Code": 52473, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 109, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1910665, - "CodeBytes": 0, - "Lines": 37622, - "Code": 25954, - "Comment": 5745, - "Blank": 5923, - "Complexity": 7045, - "Count": 42, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 937404, - "CodeBytes": 0, - "Lines": 36507, - "Code": 34248, - "Comment": 1266, - "Blank": 993, - "Complexity": 0, - "Count": 39, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 1084292, - "CodeBytes": 0, - "Lines": 19261, - "Code": 19225, - "Comment": 0, - "Blank": 36, - "Complexity": 0, - "Count": 38, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 2436166, - "CodeBytes": 0, - "Lines": 23872, - "Code": 23852, - "Comment": 17, - "Blank": 3, - "Complexity": 4, - "Count": 33, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 37303, - "CodeBytes": 0, - "Lines": 1860, - "Code": 1563, - "Comment": 17, - "Blank": 280, - "Complexity": 0, - "Count": 26, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 369380, - "CodeBytes": 0, - "Lines": 1430, - "Code": 1386, - "Comment": 0, - "Blank": 44, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Java", - "Bytes": 2200, - "CodeBytes": 0, - "Lines": 98, - "Code": 56, - "Comment": 0, - "Blank": 42, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 16613, - "CodeBytes": 0, - "Lines": 519, - "Code": 454, - "Comment": 41, - "Blank": 24, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 2093, - "CodeBytes": 0, - "Lines": 66, - "Code": 53, - "Comment": 3, - "Blank": 10, - "Complexity": 5, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 1272, - "CodeBytes": 0, - "Lines": 35, - "Code": 13, - "Comment": 18, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "INI", - "Bytes": 62, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 605, - "CodeBytes": 0, - "Lines": 17, - "Code": 13, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 28177, - "CodeBytes": 0, - "Lines": 163, - "Code": 161, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 382, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9061288.306291267, - "estimatedScheduleMonths_low": 32.91235829417269, - "estimatedPeople_low": 26.821338951040506, - "estimatedCost_high": 28238931.922973182, - "estimatedScheduleMonths_high": 32.91235829417269, - "estimatedPeople_high": 26.821338951040506, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nHTML 3764 137053 9848 11837 115368 0\n(ULOC) 19862\n-------------------------------------------------------------------------------\nMarkdown 113 3551 756 0 2795 0\n(ULOC) 1439\n-------------------------------------------------------------------------------\nJSON 109 52473 0 0 52473 0\n(ULOC) 5962\n-------------------------------------------------------------------------------\nJavaScript 42 37622 5923 5745 25954 7045\n(ULOC) 8067\n-------------------------------------------------------------------------------\nCSS 39 36507 993 1266 34248 0\n(ULOC) 3891\n-------------------------------------------------------------------------------\nXML 38 19261 36 0 19225 0\n(ULOC) 2257\n-------------------------------------------------------------------------------\nSVG 33 23872 3 17 23852 4\n(ULOC) 22250\n-------------------------------------------------------------------------------\nSass 26 1860 280 17 1563 0\n(ULOC) 1017\n-------------------------------------------------------------------------------\nCSV 14 1430 44 0 1386 0\n(ULOC) 513\n-------------------------------------------------------------------------------\nJava 14 98 42 0 56 0\n(ULOC) 11\n-------------------------------------------------------------------------------\nYAML 10 519 24 41 454 0\n(ULOC) 363\n-------------------------------------------------------------------------------\nShell 2 66 10 3 53 5\n(ULOC) 45\n-------------------------------------------------------------------------------\nGemfile 1 35 4 18 13 0\n(ULOC) 30\n-------------------------------------------------------------------------------\nINI 1 3 1 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nMakefile 1 17 4 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nPlain Text 1 163 2 0 161 0\n(ULOC) 155\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 4209 314539 17972 18944 277623 7054\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 65649\nDRYness % 0.21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,936,273\nEstimated Schedule Effort (organic) 32.91 months\nEstimated People Required (organic) 26.82\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 27660706 bytes, 27.661 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-20T05:00:00.000Z", + 1 + ], + [ + "2024-10-09T05:00:00.000Z", + 1 + ], + [ + "2024-12-30T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-03-31T20:05:10Z", + "ossf_scorecard": { + "date": "2025-02-23T16:38:34Z", + "repo": { + "name": "github.com/CMSgov/dpc-static-site", + "commit": "eb94ac81e05cf8cc4b3d948b434117040b1cb91b" }, - "predominant_langs": { - "HTML": 23529110, - "CSS": 103797, - "JavaScript": 43690, - "SCSS": 37303, - "Java": 2200, - "Shell": 2093, - "Ruby": 1272, - "Makefile": 609, - "Visual Basic 6.0": 7 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "dpc-static-site", - "01:21:53.4" - ] + "score": 5.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 7, + "reason": "22 out of 30 merged PRs checked by a CI test -- score normalized to 7", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 3, + "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 4, + "reason": "6 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "HTML", + "Bytes": 15843944, + "CodeBytes": 0, + "Lines": 137053, + "Code": 115368, + "Comment": 11837, + "Blank": 9848, + "Complexity": 0, + "Count": 3764, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 148840, + "CodeBytes": 0, + "Lines": 3553, + "Code": 2796, + "Comment": 0, + "Blank": 757, + "Complexity": 0, + "Count": 113, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 4838566, + "CodeBytes": 0, + "Lines": 52381, + "Code": 52381, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 109, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1910665, + "CodeBytes": 0, + "Lines": 37622, + "Code": 25954, + "Comment": 5745, + "Blank": 5923, + "Complexity": 7045, + "Count": 42, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 937404, + "CodeBytes": 0, + "Lines": 36507, + "Code": 34248, + "Comment": 1266, + "Blank": 993, + "Complexity": 0, + "Count": 39, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 1084292, + "CodeBytes": 0, + "Lines": 19261, + "Code": 19225, + "Comment": 0, + "Blank": 36, + "Complexity": 0, + "Count": 38, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 2436166, + "CodeBytes": 0, + "Lines": 23872, + "Code": 23852, + "Comment": 17, + "Blank": 3, + "Complexity": 4, + "Count": 33, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 37303, + "CodeBytes": 0, + "Lines": 1860, + "Code": 1563, + "Comment": 17, + "Blank": 280, + "Complexity": 0, + "Count": 26, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 369380, + "CodeBytes": 0, + "Lines": 1430, + "Code": 1386, + "Comment": 0, + "Blank": 44, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Java", + "Bytes": 2200, + "CodeBytes": 0, + "Lines": 98, + "Code": 56, + "Comment": 0, + "Blank": 42, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 16613, + "CodeBytes": 0, + "Lines": 519, + "Code": 454, + "Comment": 41, + "Blank": 24, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 2093, + "CodeBytes": 0, + "Lines": 66, + "Code": 53, + "Comment": 3, + "Blank": 10, + "Complexity": 5, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 1272, + "CodeBytes": 0, + "Lines": 35, + "Code": 13, + "Comment": 18, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "INI", + "Bytes": 62, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 609, + "CodeBytes": 0, + "Lines": 17, + "Code": 13, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 28177, + "CodeBytes": 0, + "Lines": 163, + "Code": 161, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 382, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9058169.692192202, + "estimatedScheduleMonths_low": 32.908053418332855, + "estimatedPeople_low": 26.815615312013747, + "estimatedCost_high": 28229212.959371027, + "estimatedScheduleMonths_high": 32.908053418332855, + "estimatedPeople_high": 26.815615312013747, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nHTML 3764 137053 9848 11837 115368 0\n(ULOC) 19862\n-------------------------------------------------------------------------------\nMarkdown 113 3553 757 0 2796 0\n(ULOC) 1440\n-------------------------------------------------------------------------------\nJSON 109 52381 0 0 52381 0\n(ULOC) 5908\n-------------------------------------------------------------------------------\nJavaScript 42 37622 5923 5745 25954 7045\n(ULOC) 8067\n-------------------------------------------------------------------------------\nCSS 39 36507 993 1266 34248 0\n(ULOC) 3891\n-------------------------------------------------------------------------------\nXML 38 19261 36 0 19225 0\n(ULOC) 2257\n-------------------------------------------------------------------------------\nSVG 33 23872 3 17 23852 4\n(ULOC) 22250\n-------------------------------------------------------------------------------\nSass 26 1860 280 17 1563 0\n(ULOC) 1017\n-------------------------------------------------------------------------------\nCSV 14 1430 44 0 1386 0\n(ULOC) 513\n-------------------------------------------------------------------------------\nJava 14 98 42 0 56 0\n(ULOC) 11\n-------------------------------------------------------------------------------\nYAML 10 519 24 41 454 0\n(ULOC) 363\n-------------------------------------------------------------------------------\nShell 2 66 10 3 53 5\n(ULOC) 45\n-------------------------------------------------------------------------------\nGemfile 1 35 4 18 13 0\n(ULOC) 30\n-------------------------------------------------------------------------------\nINI 1 3 1 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nMakefile 1 17 4 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nPlain Text 1 163 2 0 161 0\n(ULOC) 155\n-------------------------------------------------------------------------------\nTOML 1 9 2 0 7 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 4209 314449 17973 18944 277532 7054\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 65596\nDRYness % 0.21\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,932,853\nEstimated Schedule Effort (organic) 32.91 months\nEstimated People Required (organic) 26.82\n───────────────────────────────────────────────────────────────────────────────\nProcessed 27657968 bytes, 27.658 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HTML": 23529110, + "CSS": 103797, + "JavaScript": 43690, + "SCSS": 37303, + "Java": 2200, + "Shell": 2093, + "Ruby": 1272, + "Makefile": 609, + "Visual Basic 6.0": 7 + }, + "average_issue_resolution_time": [ + [ + "dpc-static-site", + "01:21:53.4" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@cmsgov/design-system-core", + 0.0, + "2025-03-01T19:05:56.000" + ], + [ + "@cmsgov/design-system-layout", + 0.0, + "2025-03-01T19:05:56.000" + ], + [ + "normalize.css", + 0.0, + "2025-03-01T19:05:56.000" ], - "repo_dependency_libyear_list": [ - [ - "@cmsgov/design-system-core", - 0.0, - "2025-03-01T19:05:56.000" - ], - [ - "@cmsgov/design-system-layout", - 0.0, - "2025-03-01T19:05:56.000" - ], - [ - "normalize.css", - 0.0, - "2025-03-01T19:05:56.000" - ], - [ - "svg4everybody", - 0.0, - "2025-03-01T19:05:56.000" - ] + [ + "svg4everybody", + 0.0, + "2025-03-01T19:05:56.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/dpc_aop/dpc_aop_data.json b/app/site/_data/CMSgov/dpc_aop/dpc_aop_data.json index d6db3bd600..51f6415ab6 100644 --- a/app/site/_data/CMSgov/dpc_aop/dpc_aop_data.json +++ b/app/site/_data/CMSgov/dpc_aop/dpc_aop_data.json @@ -1,795 +1,795 @@ { - "url": "https://github.com/CMSgov/dpc_aop", - "owner": "CMSgov", - "name": "dpc_aop", - "description": null, - "commits_count": 11, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 8, - "open_pull_requests_count": 4, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 3, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 5, - "total_project_lines": 5274, - "average_project_lines": 55, - "total_project_comment_lines": 946, - "average_project_comment_lines": 10, - "total_project_blank_lines": 922, - "average_blank_lines": 10, - "commits_by_month": { - "2023/7": 2, - "2023/6": 9 + "url": "https://github.com/CMSgov/dpc_aop", + "owner": "CMSgov", + "name": "dpc_aop", + "description": null, + "commits_count": 11, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 8, + "open_pull_requests_count": 4, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 3, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 5, + "total_project_lines": 5274, + "average_project_lines": 55, + "total_project_comment_lines": 946, + "average_project_comment_lines": 10, + "total_project_blank_lines": 922, + "average_blank_lines": 10, + "commits_by_month": { + "2023/7": 2, + "2023/6": 9 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2023-06-05T13:25:31Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:37Z", + "repo": { + "name": "github.com/CMSgov/dpc_aop", + "commit": "d56796b0b61605c16752c36d31ce4589282631e5" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2023-06-05T13:25:31Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:37Z", - "repo": { - "name": "github.com/CMSgov/dpc_aop", - "commit": "d56796b0b61605c16752c36d31ce4589282631e5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 1, - "reason": "Found 1/8 approved changesets -- score normalized to 1", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "30 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Python", - "Bytes": 137308, - "CodeBytes": 0, - "Lines": 4266, - "Code": 2704, - "Comment": 791, - "Blank": 771, - "Complexity": 177, - "Count": 83, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 11782, - "CodeBytes": 0, - "Lines": 453, - "Code": 421, - "Comment": 10, - "Blank": 22, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 489, - "CodeBytes": 0, - "Lines": 19, - "Code": 9, - "Comment": 0, - "Blank": 10, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 134, - "CodeBytes": 0, - "Lines": 4, - "Code": 4, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 3536, - "CodeBytes": 0, - "Lines": 103, - "Code": 40, - "Comment": 41, - "Blank": 22, - "Complexity": 10, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "INI", - "Bytes": 1682, - "CodeBytes": 0, - "Lines": 54, - "Code": 10, - "Comment": 31, - "Blank": 13, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 7398, - "CodeBytes": 0, - "Lines": 237, - "Code": 113, - "Comment": 64, - "Blank": 60, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Mako", - "Bytes": 494, - "CodeBytes": 0, - "Lines": 24, - "Code": 17, - "Comment": 0, - "Blank": 7, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 3097, - "CodeBytes": 0, - "Lines": 114, - "Code": 88, - "Comment": 9, - "Blank": 17, - "Complexity": 1, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 89211.04147746562, - "estimatedScheduleMonths_low": 5.68572556133563, - "estimatedPeople_low": 1.5285590623429772, - "estimatedCost_high": 278020.56858852913, - "estimatedScheduleMonths_high": 5.68572556133563, - "estimatedPeople_high": 1.5285590623429772, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPython 83 4266 771 791 2704 177\n(ULOC) 2612\n-------------------------------------------------------------------------------\nYAML 4 453 22 10 421 0\n(ULOC) 219\n-------------------------------------------------------------------------------\nMarkdown 3 19 10 0 9 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nCSV 1 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nDockerfile 1 103 22 41 40 10\n(ULOC) 69\n-------------------------------------------------------------------------------\nINI 1 54 13 31 10 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nMakefile 1 237 60 64 113 0\n(ULOC) 155\n-------------------------------------------------------------------------------\nMako 1 24 7 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nTOML 1 114 17 9 88 1\n(ULOC) 98\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 96 5274 922 946 3406 188\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3213\nDRYness % 0.61\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $97,825\nEstimated Schedule Effort (organic) 5.69 months\nEstimated People Required (organic) 1.53\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 165920 bytes, 0.166 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Python": 137308, - "Makefile": 7398, - "Dockerfile": 3536, - "Mako": 494 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "alembic", - 2.5232876712, - "2025-03-01T04:31:25.000" - ], - [ - "apiflask", - 1.9178082192, - "2025-03-01T04:31:25.000" - ], - [ - "apispec", - 2.6575342466, - "2025-03-01T04:31:25.000" - ], - [ - "atomicwrites", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "attrs", - 2.495890411, - "2025-03-01T04:31:25.000" - ], - [ - "bandit", - 2.9589041096, - "2025-03-01T04:31:25.000" - ], - [ - "black", - 2.4136986301, - "2025-03-01T04:31:25.000" - ], - [ - "boto3", - 2.4767123288, - "2025-03-01T04:31:25.000" - ], - [ - "botocore", - 2.4767123288, - "2025-03-01T04:31:25.000" - ], - [ - "certifi", - 1.7369863014, - "2025-03-01T04:31:25.000" - ], - [ - "cffi", - 2.1835616438, - "2025-03-01T04:31:25.000" - ], - [ - "charset-normalizer", - 2.3479452055, - "2025-03-01T04:31:25.000" - ], - [ - "click", - 2.6520547945, - "2025-03-01T04:31:25.000" - ], - [ - "colorama", - 0.3561643836, - "2025-03-01T04:31:25.000" - ], - [ - "coverage", - 2.4931506849, - "2025-03-01T04:31:25.000" - ], - [ - "cryptography", - 1.701369863, - "2025-03-01T04:31:25.000" - ], - [ - "docopt", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "factory-boy", - 3.2739726027, - "2025-03-01T04:31:25.000" - ], - [ - "faker", - 2.4575342466, - "2025-03-01T04:31:25.000" - ], - [ - "flake8", - 2.5397260274, - "2025-03-01T04:31:25.000" - ], - [ - "flake8-alfred", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "flake8-bugbear", - 2.3068493151, - "2025-03-01T04:31:25.000" - ], - [ - "flask", - 1.5369863014, - "2025-03-01T04:31:25.000" - ], - [ - "flask-httpauth", - 0.9095890411, - "2025-03-01T04:31:25.000" - ], - [ - "flask-marshmallow", - 4.2794520548, - "2025-03-01T04:31:25.000" - ], - [ - "gitdb", - 3.1917808219, - "2025-03-01T04:31:25.000" - ], - [ - "gitpython", - 2.0136986301, - "2025-03-01T04:31:25.000" - ], - [ - "greenlet", - 2.0739726027, - "2025-03-01T04:31:25.000" - ], - [ - "idna", - 2.9260273973, - "2025-03-01T04:31:25.000" - ], - [ - "iniconfig", - 2.2328767123, - "2025-03-01T04:31:25.000" - ], - [ - "isort", - 3.301369863, - "2025-03-01T04:31:25.000" - ], - [ - "itsdangerous", - 2.0657534247, - "2025-03-01T04:31:25.000" - ], - [ - "jinja2", - 2.6520547945, - "2025-03-01T04:31:25.000" - ], - [ - "jmespath", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "mako", - 2.4356164384, - "2025-03-01T04:31:25.000" - ], - [ - "markupsafe", - 2.597260274, - "2025-03-01T04:31:25.000" - ], - [ - "marshmallow", - 2.3863013699, - "2025-03-01T04:31:25.000" - ], - [ - "marshmallow-dataclass", - 2.3780821918, - "2025-03-01T04:31:25.000" - ], - [ - "marshmallow-enum", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "mccabe", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "moto", - 2.1232876712, - "2025-03-01T04:31:25.000" - ], - [ - "mypy", - 2.5506849315, - "2025-03-01T04:31:25.000" - ], - [ - "mypy-extensions", - 3.301369863, - "2025-03-01T04:31:25.000" - ], - [ - "packaging", - 2.9753424658, - "2025-03-01T04:31:25.000" - ], - [ - "pathspec", - 1.2712328767, - "2025-03-01T04:31:25.000" - ], - [ - "pbr", - 2.4876712329, - "2025-03-01T04:31:25.000" - ], - [ - "platformdirs", - 2.4191780822, - "2025-03-01T04:31:25.000" - ], - [ - "pluggy", - 2.6547945205, - "2025-03-01T04:31:25.000" - ], - [ - "psycopg2-binary", - 2.797260274, - "2025-03-01T04:31:25.000" - ], - [ - "py", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "pycodestyle", - 2.002739726, - "2025-03-01T04:31:25.000" - ], - [ - "pycparser", - 2.397260274, - "2025-03-01T04:31:25.000" - ], - [ - "pydantic", - 2.3863013699, - "2025-03-01T04:31:25.000" - ], - [ - "pyflakes", - 1.4328767123, - "2025-03-01T04:31:25.000" - ], - [ - "pyparsing", - 2.6438356164, - "2025-03-01T04:31:25.000" - ], - [ - "pytest", - 3.2547945205, - "2025-03-01T04:31:25.000" - ], - [ - "pytest-lazy-fixture", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "pytest-watch", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "python-dateutil", - 2.6328767123, - "2025-03-01T04:31:25.000" - ], - [ - "python-dotenv", - 1.8328767123, - "2025-03-01T04:31:25.000" - ], - [ - "pytz", - 2.4684931507, - "2025-03-01T04:31:25.000" - ], - [ - "pyyaml", - 2.8164383562, - "2025-03-01T04:31:25.000" - ], - [ - "requests", - 1.0219178082, - "2025-03-01T04:31:25.000" - ], - [ - "responses", - 2.6410958904, - "2025-03-01T04:31:25.000" - ], - [ - "s3transfer", - 2.7452054795, - "2025-03-01T04:31:25.000" - ], - [ - "six", - 3.5863013699, - "2025-03-01T04:31:25.000" - ], - [ - "smart-open", - 2.3260273973, - "2025-03-01T04:31:25.000" - ], - [ - "smmap", - 3.2164383562, - "2025-03-01T04:31:25.000" - ], - [ - "sqlalchemy", - 2.4191780822, - "2025-03-01T04:31:25.000" - ], - [ - "sqlalchemy2-stubs", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "stevedore", - 2.6136986301, - "2025-03-01T04:31:25.000" - ], - [ - "toml", - 0.0, - "2025-03-01T04:31:25.000" - ], - [ - "tomli", - 2.802739726, - "2025-03-01T04:31:25.000" - ], - [ - "typeguard", - 3.1863013699, - "2025-03-01T04:31:25.000" - ], - [ - "types-pytz", - 2.4657534247, - "2025-03-01T04:31:25.000" - ], - [ - "typing-extensions", - 1.9369863014, - "2025-03-01T04:31:25.000" - ], - [ - "typing-inspect", - 0.7671232877, - "2025-03-01T04:31:25.000" - ], - [ - "urllib3", - 2.3342465753, - "2025-03-01T04:31:25.000" - ], - [ - "watchdog", - 1.8356164384, - "2025-03-01T04:31:25.000" - ], - [ - "webargs", - 2.1671232877, - "2025-03-01T04:31:25.000" - ], - [ - "werkzeug", - 1.7315068493, - "2025-03-01T04:31:25.000" - ], - [ - "xmltodict", - 2.4410958904, - "2025-03-01T04:31:25.000" - ] + "score": 2.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 1, + "reason": "Found 1/8 approved changesets -- score normalized to 1", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "30 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Python", + "Bytes": 137308, + "CodeBytes": 0, + "Lines": 4266, + "Code": 2704, + "Comment": 791, + "Blank": 771, + "Complexity": 177, + "Count": 83, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 11782, + "CodeBytes": 0, + "Lines": 453, + "Code": 421, + "Comment": 10, + "Blank": 22, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 489, + "CodeBytes": 0, + "Lines": 19, + "Code": 9, + "Comment": 0, + "Blank": 10, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 134, + "CodeBytes": 0, + "Lines": 4, + "Code": 4, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 3536, + "CodeBytes": 0, + "Lines": 103, + "Code": 40, + "Comment": 41, + "Blank": 22, + "Complexity": 10, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "INI", + "Bytes": 1682, + "CodeBytes": 0, + "Lines": 54, + "Code": 10, + "Comment": 31, + "Blank": 13, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 7398, + "CodeBytes": 0, + "Lines": 237, + "Code": 113, + "Comment": 64, + "Blank": 60, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Mako", + "Bytes": 494, + "CodeBytes": 0, + "Lines": 24, + "Code": 17, + "Comment": 0, + "Blank": 7, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 3097, + "CodeBytes": 0, + "Lines": 114, + "Code": 88, + "Comment": 9, + "Blank": 17, + "Complexity": 1, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 89211.04147746562, + "estimatedScheduleMonths_low": 5.68572556133563, + "estimatedPeople_low": 1.5285590623429772, + "estimatedCost_high": 278020.56858852913, + "estimatedScheduleMonths_high": 5.68572556133563, + "estimatedPeople_high": 1.5285590623429772, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPython 83 4266 771 791 2704 177\n(ULOC) 2612\n-------------------------------------------------------------------------------\nYAML 4 453 22 10 421 0\n(ULOC) 219\n-------------------------------------------------------------------------------\nMarkdown 3 19 10 0 9 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nCSV 1 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nDockerfile 1 103 22 41 40 10\n(ULOC) 69\n-------------------------------------------------------------------------------\nINI 1 54 13 31 10 0\n(ULOC) 42\n-------------------------------------------------------------------------------\nMakefile 1 237 60 64 113 0\n(ULOC) 155\n-------------------------------------------------------------------------------\nMako 1 24 7 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nTOML 1 114 17 9 88 1\n(ULOC) 98\n───────────────────────────────────────────────────────────────────────────────\nTotal 96 5274 922 946 3406 188\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3213\nDRYness % 0.61\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $97,825\nEstimated Schedule Effort (organic) 5.69 months\nEstimated People Required (organic) 1.53\n───────────────────────────────────────────────────────────────────────────────\nProcessed 165920 bytes, 0.166 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 137308, + "Makefile": 7398, + "Dockerfile": 3536, + "Mako": 494 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "alembic", + 2.5232876712, + "2025-03-01T04:31:25.000" + ], + [ + "apiflask", + 1.9178082192, + "2025-03-01T04:31:25.000" + ], + [ + "apispec", + 2.6575342466, + "2025-03-01T04:31:25.000" + ], + [ + "atomicwrites", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "attrs", + 2.495890411, + "2025-03-01T04:31:25.000" + ], + [ + "bandit", + 2.9589041096, + "2025-03-01T04:31:25.000" + ], + [ + "black", + 2.4136986301, + "2025-03-01T04:31:25.000" + ], + [ + "boto3", + 2.4767123288, + "2025-03-01T04:31:25.000" + ], + [ + "botocore", + 2.4767123288, + "2025-03-01T04:31:25.000" + ], + [ + "certifi", + 1.7369863014, + "2025-03-01T04:31:25.000" + ], + [ + "cffi", + 2.1835616438, + "2025-03-01T04:31:25.000" + ], + [ + "charset-normalizer", + 2.3479452055, + "2025-03-01T04:31:25.000" + ], + [ + "click", + 2.6520547945, + "2025-03-01T04:31:25.000" + ], + [ + "colorama", + 0.3561643836, + "2025-03-01T04:31:25.000" + ], + [ + "coverage", + 2.4931506849, + "2025-03-01T04:31:25.000" + ], + [ + "cryptography", + 1.701369863, + "2025-03-01T04:31:25.000" + ], + [ + "docopt", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "factory-boy", + 3.2739726027, + "2025-03-01T04:31:25.000" + ], + [ + "faker", + 2.4575342466, + "2025-03-01T04:31:25.000" + ], + [ + "flake8", + 2.5397260274, + "2025-03-01T04:31:25.000" + ], + [ + "flake8-alfred", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "flake8-bugbear", + 2.3068493151, + "2025-03-01T04:31:25.000" + ], + [ + "flask", + 1.5369863014, + "2025-03-01T04:31:25.000" + ], + [ + "flask-httpauth", + 0.9095890411, + "2025-03-01T04:31:25.000" + ], + [ + "flask-marshmallow", + 4.2794520548, + "2025-03-01T04:31:25.000" + ], + [ + "gitdb", + 3.1917808219, + "2025-03-01T04:31:25.000" + ], + [ + "gitpython", + 2.0136986301, + "2025-03-01T04:31:25.000" + ], + [ + "greenlet", + 2.0739726027, + "2025-03-01T04:31:25.000" + ], + [ + "idna", + 2.9260273973, + "2025-03-01T04:31:25.000" + ], + [ + "iniconfig", + 2.2328767123, + "2025-03-01T04:31:25.000" + ], + [ + "isort", + 3.301369863, + "2025-03-01T04:31:25.000" + ], + [ + "itsdangerous", + 2.0657534247, + "2025-03-01T04:31:25.000" + ], + [ + "jinja2", + 2.6520547945, + "2025-03-01T04:31:25.000" + ], + [ + "jmespath", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "mako", + 2.4356164384, + "2025-03-01T04:31:25.000" + ], + [ + "markupsafe", + 2.597260274, + "2025-03-01T04:31:25.000" + ], + [ + "marshmallow", + 2.3863013699, + "2025-03-01T04:31:25.000" + ], + [ + "marshmallow-dataclass", + 2.3780821918, + "2025-03-01T04:31:25.000" + ], + [ + "marshmallow-enum", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "mccabe", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "moto", + 2.1232876712, + "2025-03-01T04:31:25.000" + ], + [ + "mypy", + 2.5506849315, + "2025-03-01T04:31:25.000" + ], + [ + "mypy-extensions", + 3.301369863, + "2025-03-01T04:31:25.000" + ], + [ + "packaging", + 2.9753424658, + "2025-03-01T04:31:25.000" + ], + [ + "pathspec", + 1.2712328767, + "2025-03-01T04:31:25.000" + ], + [ + "pbr", + 2.4876712329, + "2025-03-01T04:31:25.000" + ], + [ + "platformdirs", + 2.4191780822, + "2025-03-01T04:31:25.000" + ], + [ + "pluggy", + 2.6547945205, + "2025-03-01T04:31:25.000" + ], + [ + "psycopg2-binary", + 2.797260274, + "2025-03-01T04:31:25.000" + ], + [ + "py", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "pycodestyle", + 2.002739726, + "2025-03-01T04:31:25.000" + ], + [ + "pycparser", + 2.397260274, + "2025-03-01T04:31:25.000" + ], + [ + "pydantic", + 2.3863013699, + "2025-03-01T04:31:25.000" + ], + [ + "pyflakes", + 1.4328767123, + "2025-03-01T04:31:25.000" + ], + [ + "pyparsing", + 2.6438356164, + "2025-03-01T04:31:25.000" + ], + [ + "pytest", + 3.2547945205, + "2025-03-01T04:31:25.000" + ], + [ + "pytest-lazy-fixture", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "pytest-watch", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "python-dateutil", + 2.6328767123, + "2025-03-01T04:31:25.000" + ], + [ + "python-dotenv", + 1.8328767123, + "2025-03-01T04:31:25.000" + ], + [ + "pytz", + 2.4684931507, + "2025-03-01T04:31:25.000" + ], + [ + "pyyaml", + 2.8164383562, + "2025-03-01T04:31:25.000" + ], + [ + "requests", + 1.0219178082, + "2025-03-01T04:31:25.000" + ], + [ + "responses", + 2.6410958904, + "2025-03-01T04:31:25.000" + ], + [ + "s3transfer", + 2.7452054795, + "2025-03-01T04:31:25.000" + ], + [ + "six", + 3.5863013699, + "2025-03-01T04:31:25.000" + ], + [ + "smart-open", + 2.3260273973, + "2025-03-01T04:31:25.000" + ], + [ + "smmap", + 3.2164383562, + "2025-03-01T04:31:25.000" + ], + [ + "sqlalchemy", + 2.4191780822, + "2025-03-01T04:31:25.000" + ], + [ + "sqlalchemy2-stubs", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "stevedore", + 2.6136986301, + "2025-03-01T04:31:25.000" + ], + [ + "toml", + 0.0, + "2025-03-01T04:31:25.000" + ], + [ + "tomli", + 2.802739726, + "2025-03-01T04:31:25.000" + ], + [ + "typeguard", + 3.1863013699, + "2025-03-01T04:31:25.000" + ], + [ + "types-pytz", + 2.4657534247, + "2025-03-01T04:31:25.000" + ], + [ + "typing-extensions", + 1.9369863014, + "2025-03-01T04:31:25.000" + ], + [ + "typing-inspect", + 0.7671232877, + "2025-03-01T04:31:25.000" + ], + [ + "urllib3", + 2.3342465753, + "2025-03-01T04:31:25.000" + ], + [ + "watchdog", + 1.8356164384, + "2025-03-01T04:31:25.000" + ], + [ + "webargs", + 2.1671232877, + "2025-03-01T04:31:25.000" + ], + [ + "werkzeug", + 1.7315068493, + "2025-03-01T04:31:25.000" + ], + [ + "xmltodict", + 2.4410958904, + "2025-03-01T04:31:25.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/drive2gource/drive2gource_data.json b/app/site/_data/CMSgov/drive2gource/drive2gource_data.json index 0a00647573..105f1d5e02 100644 --- a/app/site/_data/CMSgov/drive2gource/drive2gource_data.json +++ b/app/site/_data/CMSgov/drive2gource/drive2gource_data.json @@ -1,291 +1,291 @@ { - "url": "https://github.com/CMSgov/drive2gource", - "owner": "CMSgov", - "name": "drive2gource", - "description": "Generate a Gource (https://gource.io) visualization from the history of a Google Drive folder. ", - "commits_count": 8, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 6, - "watchers_count": 5, - "total_project_lines": 1072, - "average_project_lines": 119, - "total_project_comment_lines": 31, - "average_project_comment_lines": 3, - "total_project_blank_lines": 148, - "average_blank_lines": 16, - "commits_by_month": { - "2024/3": 3, - "2023/7": 5 + "url": "https://github.com/CMSgov/drive2gource", + "owner": "CMSgov", + "name": "drive2gource", + "description": "Generate a Gource (https://gource.io) visualization from the history of a Google Drive folder. ", + "commits_count": 8, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 6, + "watchers_count": 5, + "total_project_lines": 1072, + "average_project_lines": 119, + "total_project_comment_lines": 31, + "average_project_comment_lines": 3, + "total_project_blank_lines": 148, + "average_blank_lines": 16, + "commits_by_month": { + "2024/3": 3, + "2023/7": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2023-08-03T19:00:49Z", + "ossf_scorecard": { + "date": "2025-02-23T16:38:48Z", + "repo": { + "name": "github.com/CMSgov/drive2gource", + "commit": "b0337c76b1020468037079bd83fff1673de5bc53" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2023-08-03T19:00:49Z", - "ossf_scorecard": { - "date": "2025-02-23T16:38:48Z", - "repo": { - "name": "github.com/CMSgov/drive2gource", - "commit": "b0337c76b1020468037079bd83fff1673de5bc53" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 1, - "reason": "Found 1/6 approved changesets -- score normalized to 1", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11090, - "CodeBytes": 0, - "Lines": 223, - "Code": 151, - "Comment": 0, - "Blank": 72, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 14475, - "CodeBytes": 0, - "Lines": 482, - "Code": 375, - "Comment": 31, - "Blank": 76, - "Complexity": 78, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 7883, - "CodeBytes": 0, - "Lines": 367, - "Code": 367, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 21875.3880374598, - "estimatedScheduleMonths_low": 3.3328058324048273, - "estimatedPeople_low": 0.639433316916808, - "estimatedCost_high": 68173.2633040219, - "estimatedScheduleMonths_high": 3.3328058324048273, - "estimatedPeople_high": 0.639433316916808, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 6 223 72 0 151 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nJavaScript 2 482 76 31 375 78\n(ULOC) 310\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 9 1072 148 31 893 78\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 580\nDRYness % 0.54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $23,987\nEstimated Schedule Effort (organic) 3.33 months\nEstimated People Required (organic) 0.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 33448 bytes, 0.033 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 14475 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 1, + "reason": "Found 1/6 approved changesets -- score normalized to 1", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11090, + "CodeBytes": 0, + "Lines": 223, + "Code": 151, + "Comment": 0, + "Blank": 72, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 14475, + "CodeBytes": 0, + "Lines": 482, + "Code": 375, + "Comment": 31, + "Blank": 76, + "Complexity": 78, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 7883, + "CodeBytes": 0, + "Lines": 367, + "Code": 367, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 21875.3880374598, + "estimatedScheduleMonths_low": 3.3328058324048273, + "estimatedPeople_low": 0.639433316916808, + "estimatedCost_high": 68173.2633040219, + "estimatedScheduleMonths_high": 3.3328058324048273, + "estimatedPeople_high": 0.639433316916808, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 6 223 72 0 151 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nJavaScript 2 482 76 31 375 78\n(ULOC) 310\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n───────────────────────────────────────────────────────────────────────────────\nTotal 9 1072 148 31 893 78\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 580\nDRYness % 0.54\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $23,987\nEstimated Schedule Effort (organic) 3.33 months\nEstimated People Required (organic) 0.64\n───────────────────────────────────────────────────────────────────────────────\nProcessed 33448 bytes, 0.033 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 14475 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/easi-app/easi-app_data.json b/app/site/_data/CMSgov/easi-app/easi-app_data.json index 4b7d0e05d3..084668eae8 100644 --- a/app/site/_data/CMSgov/easi-app/easi-app_data.json +++ b/app/site/_data/CMSgov/easi-app/easi-app_data.json @@ -1,2116 +1,2116 @@ { - "url": "https://github.com/CMSgov/easi-app", - "owner": "CMSgov", - "name": "easi-app", - "description": "EASi App", - "commits_count": 9025, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 3026, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 2676, - "closed_pull_requests_count": 347, - "forks_count": 0, - "stargazers_count": 3, - "watchers_count": 2, - "total_project_lines": 345136, - "average_project_lines": 149, - "total_project_comment_lines": 21903, - "average_project_comment_lines": 9, - "total_project_blank_lines": 38066, - "average_blank_lines": 16, - "commits_by_month": { - "2025/2": 30 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-16T05:00:00.000Z", - 1 - ], - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-09-24T05:00:00.000Z", - 1 - ], - [ - "2024-09-30T05:00:00.000Z", - 1 - ], - [ - "2024-10-01T05:00:00.000Z", - 1 - ], - [ - "2024-10-03T05:00:00.000Z", - 1 - ], - [ - "2024-10-22T05:00:00.000Z", - 1 - ], - [ - "2024-11-14T06:00:00.000Z", - 1 - ], - [ - "2024-12-04T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2019-10-17T17:29:28Z", - "ossf_scorecard": { - "date": "2025-02-23T16:36:27Z", - "repo": { - "name": "github.com/CMSgov/easi-app", - "commit": "f49e15fb100006918cb4e2353fec8854d1db23d5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 7 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "23 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 3651388, - "CodeBytes": 0, - "Lines": 111130, - "Code": 95393, - "Comment": 5819, - "Blank": 9918, - "Complexity": 7319, - "Count": 945, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 6478549, - "CodeBytes": 0, - "Lines": 199344, - "Code": 160576, - "Comment": 13937, - "Blank": 24831, - "Complexity": 26501, - "Count": 734, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 110167, - "CodeBytes": 0, - "Lines": 3171, - "Code": 2660, - "Comment": 238, - "Blank": 273, - "Complexity": 9, - "Count": 279, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 76912, - "CodeBytes": 0, - "Lines": 3796, - "Code": 3151, - "Comment": 109, - "Blank": 536, - "Complexity": 0, - "Count": 104, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 202603, - "CodeBytes": 0, - "Lines": 4375, - "Code": 3207, - "Comment": 0, - "Blank": 1168, - "Complexity": 0, - "Count": 64, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 81946, - "CodeBytes": 0, - "Lines": 2788, - "Code": 2524, - "Comment": 130, - "Blank": 134, - "Complexity": 0, - "Count": 64, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go Template", - "Bytes": 49802, - "CodeBytes": 0, - "Lines": 1310, - "Code": 1076, - "Comment": 0, - "Blank": 234, - "Complexity": 78, - "Count": 47, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 24031, - "CodeBytes": 0, - "Lines": 705, - "Code": 445, - "Comment": 132, - "Blank": 128, - "Complexity": 54, - "Count": 22, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 83233, - "CodeBytes": 0, - "Lines": 2596, - "Code": 1776, - "Comment": 314, - "Blank": 506, - "Complexity": 46, - "Count": 21, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 411600, - "CodeBytes": 0, - "Lines": 12259, - "Code": 12259, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 18, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 20022, - "CodeBytes": 0, - "Lines": 581, - "Code": 370, - "Comment": 106, - "Blank": 105, - "Complexity": 44, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 4977, - "CodeBytes": 0, - "Lines": 173, - "Code": 144, - "Comment": 11, - "Blank": 18, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 95, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 171, - "CodeBytes": 0, - "Lines": 16, - "Code": 8, - "Comment": 4, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 1038, - "CodeBytes": 0, - "Lines": 43, - "Code": 29, - "Comment": 0, - "Blank": 14, - "Complexity": 2, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "GraphQL", - "Bytes": 75880, - "CodeBytes": 0, - "Lines": 3083, - "Code": 1983, - "Comment": 828, - "Blank": 272, - "Complexity": 233, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 1590, - "CodeBytes": 0, - "Lines": 42, - "Code": 25, - "Comment": 15, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11357, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 13726, - "CodeBytes": 0, - "Lines": 495, - "Code": 454, - "Comment": 16, - "Blank": 25, - "Complexity": 17, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9357238.302501619, - "estimatedScheduleMonths_low": 33.31677407797525, - "estimatedPeople_low": 27.361144142678402, - "estimatedCost_high": 29161241.368726697, - "estimatedScheduleMonths_high": 33.31677407797525, - "estimatedPeople_high": 27.361144142678402, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 945 111130 9918 5819 95393 7319\n(ULOC) 48046\n-------------------------------------------------------------------------------\nGo 734 199344 24831 13937 160576 26501\n(ULOC) 55370\n-------------------------------------------------------------------------------\nSQL 279 3171 273 238 2660 9\n(ULOC) 1771\n-------------------------------------------------------------------------------\nSass 104 3796 536 109 3151 0\n(ULOC) 1834\n-------------------------------------------------------------------------------\nMarkdown 64 4375 1168 0 3207 0\n(ULOC) 2897\n-------------------------------------------------------------------------------\nYAML 64 2788 134 130 2524 0\n(ULOC) 1319\n-------------------------------------------------------------------------------\nGo Template 47 1310 234 0 1076 78\n(ULOC) 409\n-------------------------------------------------------------------------------\nBASH 22 705 128 132 445 54\n(ULOC) 464\n-------------------------------------------------------------------------------\nJavaScript 21 2596 506 314 1776 46\n(ULOC) 1286\n-------------------------------------------------------------------------------\nJSON 18 12259 0 0 12259 0\n(ULOC) 2771\n-------------------------------------------------------------------------------\nShell 11 581 105 106 370 44\n(ULOC) 347\n-------------------------------------------------------------------------------\nTypeScript Typings 4 173 18 11 144 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nPlain Text 2 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nDocker ignore 1 16 4 4 8 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDockerfile 1 43 14 0 29 2\n(ULOC) 29\n-------------------------------------------------------------------------------\nGraphQL 1 3083 272 828 1983 233\n(ULOC) 1492\n-------------------------------------------------------------------------------\nHTML 1 42 2 15 25 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nRuby 1 495 25 16 454 17\n(ULOC) 332\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2321 346111 38200 21659 286252 34303\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 116958\nDRYness % 0.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $10,260,801\nEstimated Schedule Effort (organic) 33.32 months\nEstimated People Required (organic) 27.36\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 11299087 bytes, 11.299 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/easi-app", + "owner": "CMSgov", + "name": "easi-app", + "description": "EASi App", + "commits_count": 9025, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 3026, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 2676, + "closed_pull_requests_count": 347, + "forks_count": 0, + "stargazers_count": 3, + "watchers_count": 2, + "total_project_lines": 345136, + "average_project_lines": 149, + "total_project_comment_lines": 21903, + "average_project_comment_lines": 9, + "total_project_blank_lines": 38066, + "average_blank_lines": 16, + "commits_by_month": { + "2025/2": 30 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-16T05:00:00.000Z", + 1 + ], + [ + "2024-09-20T05:00:00.000Z", + 1 + ], + [ + "2024-09-24T05:00:00.000Z", + 1 + ], + [ + "2024-09-30T05:00:00.000Z", + 1 + ], + [ + "2024-10-01T05:00:00.000Z", + 1 + ], + [ + "2024-10-03T05:00:00.000Z", + 1 + ], + [ + "2024-10-22T05:00:00.000Z", + 1 + ], + [ + "2024-11-14T06:00:00.000Z", + 1 + ], + [ + "2024-12-04T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2019-10-17T17:29:28Z", + "ossf_scorecard": { + "date": "2025-02-23T16:36:27Z", + "repo": { + "name": "github.com/CMSgov/easi-app", + "commit": "f49e15fb100006918cb4e2353fec8854d1db23d5" }, - "predominant_langs": { - "TypeScript": 3967773, - "Go": 2193602, - "JavaScript": 86384, - "SCSS": 77446, - "Shell": 44053, - "Ruby": 13769, - "PLpgSQL": 2631, - "HTML": 1590, - "Dockerfile": 1038 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "easi-app", - "00:00:04" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@apollo/client", - -0.0739726027, - "2024-10-16T10:04:15.000" - ], - [ - "@apollo/client", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@apollo/client", - 0.2136986301, - "2024-07-01T00:36:18.000" - ], - [ - "@apollo/react-testing", - 0.0, - "2024-07-01T00:36:18.000" - ], - [ - "@babel/core", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@babel/plugin-syntax-class-properties", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@babel/preset-env", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@craco/craco", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "@cypress/code-coverage", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "@cypress/code-coverage", - 0.2082191781, - "2025-03-01T19:06:13.000" - ], - [ - "@cypress/webpack-preprocessor", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@cypress/webpack-preprocessor", - 2.1780821918, - "2023-09-14T09:02:31.000" - ], - [ - "@graphql-codegen/cli", - -0.0164383562, - "2025-03-01T19:06:13.000" - ], - [ - "@graphql-codegen/cli", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "@graphql-codegen/client-preset", - -0.0246575342, - "2024-10-16T10:04:15.000" - ], - [ - "@graphql-codegen/client-preset", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@graphql-codegen/typed-document-node", - 0.2657534247, - "2024-10-16T10:04:15.000" - ], - [ - "@graphql-codegen/typed-document-node", - 0.6465753425, - "2025-03-01T19:06:13.000" - ], - [ - "@graphql-codegen/typescript-react-apollo", - -0.4739726027, - "2025-03-01T19:06:13.000" - ], - [ - "@graphql-codegen/typescript-react-apollo", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "@hookform/error-message", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@hookform/resolvers", - 0.8712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@hookform/resolvers", - 1.2219178082, - "2024-04-10T03:36:47.000" - ], - [ - "@hookform/resolvers", - 1.6438356164, - "2024-07-01T00:36:18.000" - ], - [ - "@hookform/resolvers", - 1.7260273973, - "2024-10-16T10:04:15.000" - ], - [ - "@hookform/resolvers", - 2.3643835616, - "2025-03-01T19:06:13.000" - ], - [ - "@okta/okta-auth-js", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "@okta/okta-auth-js", - 0.2301369863, - "2025-03-01T19:06:13.000" - ], - [ - "@okta/okta-auth-js", - 0.9342465753, - "2023-09-14T09:02:31.000" - ], - [ - "@okta/okta-auth-js", - 1.3452054795, - "2024-04-10T03:36:47.000" - ], - [ - "@okta/okta-auth-js", - 1.6657534247, - "2024-07-01T00:36:18.000" - ], - [ - "@okta/okta-react", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@okta/okta-signin-widget", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@okta/okta-signin-widget", - 0.6273972603, - "2024-04-10T03:36:47.000" - ], - [ - "@okta/okta-signin-widget", - 0.8630136986, - "2023-09-14T09:02:31.000" - ], - [ - "@storybook/addon-actions", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@storybook/addon-actions", - 0.4712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@storybook/addon-controls", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@storybook/addon-controls", - 0.4712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@storybook/addon-essentials", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@storybook/addon-essentials", - 0.4712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@storybook/addon-links", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@storybook/addon-links", - 0.4712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@storybook/node-logger", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@storybook/node-logger", - 0.4712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@storybook/react", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@storybook/react", - 0.4712328767, - "2023-09-14T09:02:31.000" - ], - [ - "@testing-library/jest-dom", - 0.1342465753, - "2023-09-14T09:02:31.000" - ], - [ - "@testing-library/jest-dom", - 0.5534246575, - "2024-04-10T03:36:47.000" - ], - [ - "@testing-library/jest-dom", - 0.898630137, - "2024-07-01T00:36:18.000" - ], - [ - "@testing-library/jest-dom", - 1.101369863, - "2024-10-16T10:04:15.000" - ], - [ - "@testing-library/jest-dom", - 1.2904109589, - "2025-03-01T19:06:13.000" - ], - [ - "@testing-library/react", - 1.6931506849, - "2023-09-14T09:02:31.000" - ], - [ - "@testing-library/react", - 2.8356164384, - "2024-04-10T03:36:47.000" - ], - [ - "@testing-library/react", - 2.9890410959, - "2024-07-01T00:36:18.000" - ], - [ - "@testing-library/react", - 3.2246575342, - "2024-10-16T10:04:15.000" - ], - [ - "@testing-library/react", - 3.6082191781, - "2025-03-01T19:06:13.000" - ], - [ - "@testing-library/user-event", - 0.8054794521, - "2023-09-14T09:02:31.000" - ], - [ - "@testing-library/user-event", - 2.1945205479, - "2024-10-16T10:04:15.000" - ], - [ - "@testing-library/user-event", - 3.2602739726, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/core", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/extension-document", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/extension-mention", - 0.2712328767, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/extension-paragraph", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/extension-text", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/pm", - 0.2712328767, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/react", - 0.2712328767, - "2025-03-01T19:06:13.000" - ], - [ - "@tiptap/suggestion", - 0.2712328767, - "2025-03-01T19:06:13.000" - ], - [ - "@toast-ui/react-editor", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@trussworks/react-uswds", - 1.402739726, - "2023-09-14T09:02:31.000" - ], - [ - "@trussworks/react-uswds", - 1.9178082192, - "2025-03-01T19:06:13.000" - ], - [ - "@trussworks/react-uswds", - 1.9369863014, - "2024-07-01T00:36:18.000" - ], - [ - "@trussworks/react-uswds", - 2.3726027397, - "2024-10-16T10:04:15.000" - ], - [ - "@types/apollo-upload-client", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "@types/apollo-upload-client", - 0.1452054795, - "2025-03-01T19:06:13.000" - ], - [ - "@types/dompurify", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/enzyme", - 1.7753424658, - "2023-09-14T09:02:31.000" - ], - [ - "@types/enzyme", - 2.4136986301, - "2024-10-16T10:04:15.000" - ], - [ - "@types/jest", - 2.3232876712, - "2023-09-14T09:02:31.000" - ], - [ - "@types/jest", - 2.7698630137, - "2024-07-01T00:36:18.000" - ], - [ - "@types/jest", - 3.3835616438, - "2024-10-16T10:04:15.000" - ], - [ - "@types/jest", - 3.4931506849, - "2025-03-01T19:06:13.000" - ], - [ - "@types/lodash", - 0.0, - "2024-07-01T00:36:18.000" - ], - [ - "@types/lodash", - 0.0246575342, - "2024-10-16T10:04:15.000" - ], - [ - "@types/lodash", - 0.4328767123, - "2025-03-01T19:06:13.000" - ], - [ - "@types/luxon", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/no-scroll", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/node", - 2.2, - "2023-09-14T09:02:31.000" - ], - [ - "@types/node", - 2.7863013699, - "2024-04-10T03:36:47.000" - ], - [ - "@types/node", - 2.997260274, - "2024-07-01T00:36:18.000" - ], - [ - "@types/node", - 3.2821917808, - "2024-10-16T10:04:15.000" - ], - [ - "@types/node", - 3.6794520548, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react", - 2.202739726, - "2023-09-14T09:02:31.000" - ], - [ - "@types/react", - 2.8328767123, - "2024-04-10T03:36:47.000" - ], - [ - "@types/react", - 2.9561643836, - "2024-07-01T00:36:18.000" - ], - [ - "@types/react", - 3.3178082192, - "2024-10-16T10:04:15.000" - ], - [ - "@types/react", - 3.6931506849, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-autosuggest", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "@types/react-autosuggest", - 0.1397260274, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-csv", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-csv", - 0.0547945205, - "2024-04-10T03:36:47.000" - ], - [ - "@types/react-dom", - 2.0657534247, - "2023-09-14T09:02:31.000" - ], - [ - "@types/react-dom", - 2.7945205479, - "2024-04-10T03:36:47.000" - ], - [ - "@types/react-dom", - 2.8547945205, - "2024-07-01T00:36:18.000" - ], - [ - "@types/react-dom", - 3.3178082192, - "2024-10-16T10:04:15.000" - ], - [ - "@types/react-dom", - 3.6712328767, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-modal", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-redux", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-router-dom", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-router-hash-link", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-table", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/react-test-renderer", - -0.002739726, - "2024-04-10T03:36:47.000" - ], - [ - "@types/react-test-renderer", - 0.4246575342, - "2024-10-16T10:04:15.000" - ], - [ - "@types/react-test-renderer", - 1.0383561644, - "2025-03-01T19:06:13.000" - ], - [ - "@types/redux-mock-store", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/redux-saga-routines", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/text-encoding", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@types/uuid", - 1.6465753425, - "2023-09-14T09:02:31.000" - ], - [ - "@types/uuid", - 2.0520547945, - "2024-04-10T03:36:47.000" - ], - [ - "@types/uuid", - 2.4547945205, - "2025-03-01T19:06:13.000" - ], - [ - "@types/yup", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@uswds/uswds", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "@uswds/uswds", - 0.2054794521, - "2025-03-01T19:06:13.000" - ], - [ - "@vitejs/plugin-react", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "@vitest/coverage-v8", - 0.2684931507, - "2025-03-01T19:06:13.000" - ], - [ - "@vitest/coverage-v8", - 0.4602739726, - "2024-04-10T03:36:47.000" - ], - [ - "@vitest/coverage-v8", - 0.5945205479, - "2024-07-01T00:36:18.000" - ], - [ - "@vitest/coverage-v8", - 1.0438356164, - "2024-10-16T10:04:15.000" - ], - [ - "@wojtekmaj/enzyme-adapter-react-17", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "apollo", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "apollo-upload-client", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "apollo-upload-client", - 1.8767123288, - "2025-03-01T19:06:13.000" - ], - [ - "autoprefixer", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "axios", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "axios", - 1.3315068493, - "2023-09-14T09:02:31.000" - ], - [ - "babel-loader", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "babel-loader", - 0.4493150685, - "2025-03-01T19:06:13.000" - ], - [ - "babel-loader", - 3.295890411, - "2023-09-14T09:02:31.000" - ], - [ - "classnames", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "cross-fetch", - -0.002739726, - "2025-03-01T19:06:13.000" - ], - [ - "cross-fetch", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "cypress", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "cypress", - 0.1123287671, - "2024-07-01T00:36:18.000" - ], - [ - "cypress", - 0.1917808219, - "2025-03-01T19:06:13.000" - ], - [ - "cypress", - 0.4575342466, - "2023-09-14T09:02:31.000" - ], - [ - "cypress-file-upload", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "cypress-otp", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "detect-browser", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "dompurify", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "enzyme", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "eslint", - 0.4328767123, - "2025-03-01T19:06:13.000" - ], - [ - "eslint", - 2.1068493151, - "2023-09-14T09:02:31.000" - ], - [ - "eslint", - 2.6821917808, - "2024-04-10T03:36:47.000" - ], - [ - "eslint", - 2.9123287671, - "2024-07-01T00:36:18.000" - ], - [ - "eslint", - 3.1808219178, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-config-airbnb", - 1.1315068493, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-config-prettier", - 0.0054794521, - "2023-09-14T09:02:31.000" - ], - [ - "eslint-config-prettier", - 0.3315068493, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-config-prettier", - 1.5698630137, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-config-react-app", - -2.8493150685, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-config-react-app", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-cypress", - 0.0, - "2024-04-10T03:36:47.000" - ], - [ - "eslint-plugin-cypress", - 0.0520547945, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-plugin-cypress", - 0.1178082192, - "2024-07-01T00:36:18.000" - ], - [ - "eslint-plugin-cypress", - 0.4876712329, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-jsx-a11y", - 0.0, - "2024-07-01T00:36:18.000" - ], - [ - "eslint-plugin-jsx-a11y", - 0.2054794521, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-prettier", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-plugin-prettier", - 1.8876712329, - "2023-09-14T09:02:31.000" - ], - [ - "eslint-plugin-prettier", - 2.3890410959, - "2024-07-01T00:36:18.000" - ], - [ - "eslint-plugin-prettier", - 2.9068493151, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-react", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-react-hooks", - -0.2082191781, - "2024-04-10T03:36:47.000" - ], - [ - "eslint-plugin-react-hooks", - 0.0, - "2024-07-01T00:36:18.000" - ], - [ - "eslint-plugin-react-hooks", - 0.4575342466, - "2024-10-16T10:04:15.000" - ], - [ - "eslint-plugin-react-hooks", - 0.8410958904, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-plugin-simple-import-sort", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "eslint-plugin-simple-import-sort", - 2.1369863014, - "2023-09-14T09:02:31.000" - ], - [ - "eslint-plugin-simple-import-sort", - 3.1726027397, - "2024-04-10T03:36:47.000" - ], - [ - "eslint-plugin-simple-import-sort", - 3.3452054795, - "2024-07-01T00:36:18.000" - ], - [ - "eslint-plugin-simple-import-sort", - 3.5643835616, - "2024-10-16T10:04:15.000" - ], - [ - "font-awesome", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "formik", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "graphql-schema-linter", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "i18next", - 2.498630137, - "2023-09-14T09:02:31.000" - ], - [ - "i18next", - 3.0876712329, - "2024-04-10T03:36:47.000" - ], - [ - "i18next", - 3.2, - "2024-07-01T00:36:18.000" - ], - [ - "i18next", - 3.6, - "2024-10-16T10:04:15.000" - ], - [ - "i18next", - 3.8821917808, - "2025-03-01T19:06:13.000" - ], - [ - "i18next-browser-languagedetector", - 2.8904109589, - "2023-09-14T09:02:31.000" - ], - [ - "i18next-browser-languagedetector", - 3.6493150685, - "2024-04-10T03:36:47.000" - ], - [ - "i18next-browser-languagedetector", - 3.7671232877, - "2024-10-16T10:04:15.000" - ], - [ - "i18next-browser-languagedetector", - 4.5452054795, - "2025-03-01T19:06:13.000" - ], - [ - "istanbul-lib-coverage", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "jest-canvas-mock", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "jest-launchdarkly-mock", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "js-base64", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "jsdom", - 0.6547945205, - "2024-04-10T03:36:47.000" - ], - [ - "jsdom", - 0.997260274, - "2024-07-01T00:36:18.000" - ], - [ - "jsdom", - 1.3232876712, - "2024-10-16T10:04:15.000" - ], - [ - "jsdom", - 1.6219178082, - "2025-03-01T19:06:13.000" - ], - [ - "launchdarkly-react-client-sdk", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "lodash", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "luxon", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "markdown-spellcheck", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "md5", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "no-scroll", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "nyc", - 0.0, - "2024-04-10T03:36:47.000" - ], - [ - "nyc", - 4.0246575342, - "2024-07-01T00:36:18.000" - ], - [ - "nyc", - 4.304109589, - "2025-03-01T19:06:13.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "prettier", - 0.3506849315, - "2023-09-14T09:02:31.000" - ], - [ - "prettier", - 0.7835616438, - "2024-04-10T03:36:47.000" - ], - [ - "prettier", - 1.1342465753, - "2024-07-01T00:36:18.000" - ], - [ - "prettier", - 1.2246575342, - "2024-10-16T10:04:15.000" - ], - [ - "react", - 1.2273972603, - "2024-04-10T03:36:47.000" - ], - [ - "react", - 3.095890411, - "2024-10-16T10:04:15.000" - ], - [ - "react", - 3.7068493151, - "2025-03-01T19:06:13.000" - ], - [ - "react-autosuggest", - 2.0109589041, - "2025-03-01T19:06:13.000" - ], - [ - "react-csv", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-dom", - 1.2273972603, - "2024-04-10T03:36:47.000" - ], - [ - "react-dom", - 3.095890411, - "2024-10-16T10:04:15.000" - ], - [ - "react-dom", - 3.7068493151, - "2025-03-01T19:06:13.000" - ], - [ - "react-ga4", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-hook-form", - -0.1780821918, - "2025-03-01T19:06:13.000" - ], - [ - "react-hook-form", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "react-i18next", - 2.2739726027, - "2023-09-14T09:02:31.000" - ], - [ - "react-i18next", - 2.7863013699, - "2024-04-10T03:36:47.000" - ], - [ - "react-i18next", - 2.9945205479, - "2024-07-01T00:36:18.000" - ], - [ - "react-i18next", - 3.3863013699, - "2024-10-16T10:04:15.000" - ], - [ - "react-i18next", - 3.7397260274, - "2025-03-01T19:06:13.000" - ], - [ - "react-idle-timer", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-media", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-modal", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-redux", - 0.8465753425, - "2023-09-14T09:02:31.000" - ], - [ - "react-redux", - 1.304109589, - "2024-04-10T03:36:47.000" - ], - [ - "react-redux", - 1.6054794521, - "2024-10-16T10:04:15.000" - ], - [ - "react-redux", - 2.2164383562, - "2025-03-01T19:06:13.000" - ], - [ - "react-router-dom", - 0.9452054795, - "2023-09-14T09:02:31.000" - ], - [ - "react-router-dom", - 1.4273972603, - "2024-04-10T03:36:47.000" - ], - [ - "react-router-dom", - 1.7287671233, - "2024-07-01T00:36:18.000" - ], - [ - "react-router-dom", - 2.0273972603, - "2024-10-16T10:04:15.000" - ], - [ - "react-router-dom", - 2.3835616438, - "2025-03-01T19:06:13.000" - ], - [ - "react-router-hash-link", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-scripts", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "react-select", - 0.0, - "2024-10-16T10:04:15.000" - ], - [ - "react-select", - 0.1178082192, - "2025-03-01T19:06:13.000" - ], - [ - "react-select-event", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-table", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "react-test-renderer", - 1.6657534247, - "2024-04-10T03:36:47.000" - ], - [ - "react-test-renderer", - 3.5315068493, - "2024-10-16T10:04:15.000" - ], - [ - "react-test-renderer", - 4.1424657534, - "2025-03-01T19:06:13.000" - ], - [ - "react-to-print", - 0.0, - "2024-07-01T00:36:18.000" - ], - [ - "react-to-print", - 0.6273972603, - "2024-10-16T10:04:15.000" - ], - [ - "react-to-print", - 0.9534246575, - "2025-03-01T19:06:13.000" - ], - [ - "redux", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "redux", - 0.898630137, - "2025-03-01T19:06:13.000" - ], - [ - "redux-actions", - 3.9452054795, - "2024-07-01T00:36:18.000" - ], - [ - "redux-actions", - 5.3835616438, - "2025-03-01T19:06:13.000" - ], - [ - "redux-devtools-extension", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "redux-mock-store", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "redux-saga", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "redux-saga-routines", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "regenerator-runtime", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "sass", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "sass-loader", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "sass-loader", - 0.1506849315, - "2024-04-10T03:36:47.000" - ], - [ - "sass-loader", - 0.3068493151, - "2024-07-01T00:36:18.000" - ], - [ - "sass-loader", - 0.7369863014, - "2024-10-16T10:04:15.000" - ], - [ - "sass-loader", - 1.1397260274, - "2025-03-01T19:06:13.000" - ], - [ - "sass-resources-loader", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "start-server-and-test", - 0.0, - "2023-09-14T09:02:31.000" - ], - [ - "start-server-and-test", - 0.7178082192, - "2024-04-10T03:36:47.000" - ], - [ - "text-encoding", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "tippy.js", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "ts-loader", - 3.0931506849, - "2023-09-14T09:02:31.000" - ], - [ - "ts-loader", - 3.4767123288, - "2024-10-16T10:04:15.000" - ], - [ - "ts-loader", - 4.6383561644, - "2025-03-01T19:06:13.000" - ], - [ - "typescript", - 0.5616438356, - "2023-09-14T09:02:31.000" - ], - [ - "typescript", - 1.1753424658, - "2024-04-10T03:36:47.000" - ], - [ - "typescript", - 1.3863013699, - "2024-07-01T00:36:18.000" - ], - [ - "typescript", - 1.6904109589, - "2024-10-16T10:04:15.000" - ], - [ - "typescript", - 2.0794520548, - "2025-03-01T19:06:13.000" - ], - [ - "uuid", - 2.7589041096, - "2024-04-10T03:36:47.000" - ], - [ - "uuid", - 3.501369863, - "2024-10-16T10:04:15.000" - ], - [ - "uuid", - 4.2, - "2025-03-01T19:06:13.000" - ], - [ - "vite", - 0.0273972603, - "2024-04-10T03:36:47.000" - ], - [ - "vite", - 0.0739726027, - "2024-10-16T10:04:15.000" - ], - [ - "vite", - 0.2602739726, - "2024-07-01T00:36:18.000" - ], - [ - "vite", - 0.3643835616, - "2025-03-01T19:06:13.000" - ], - [ - "vite-plugin-svgr", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "vite-plugin-svgr", - 0.1589041096, - "2024-10-16T10:04:15.000" - ], - [ - "vite-tsconfig-paths", - 0.0, - "2024-07-01T00:36:18.000" - ], - [ - "vite-tsconfig-paths", - 0.402739726, - "2024-10-16T10:04:15.000" - ], - [ - "vite-tsconfig-paths", - 0.7315068493, - "2025-03-01T19:06:13.000" - ], - [ - "vitest", - 0.2684931507, - "2025-03-01T19:06:13.000" - ], - [ - "vitest", - 0.4602739726, - "2024-04-10T03:36:47.000" - ], - [ - "vitest", - 0.5945205479, - "2024-07-01T00:36:18.000" - ], - [ - "vitest", - 1.0438356164, - "2024-10-16T10:04:15.000" - ], - [ - "wait-on", - 1.7479452055, - "2023-09-14T09:02:31.000" - ], - [ - "wait-on", - 2.6602739726, - "2024-04-10T03:36:47.000" - ], - [ - "webpack", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "wildcard-mock-link", - 0.0, - "2025-03-01T19:06:13.000" - ], - [ - "yup", - 1.6136986301, - "2023-09-14T09:02:31.000" - ], - [ - "yup", - 2.397260274, - "2024-10-16T10:04:15.000" - ], - [ - "yup", - 3.1835616438, - "2025-03-01T19:06:13.000" - ] + "score": 6.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 7 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "23 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 3967773, + "CodeBytes": 0, + "Lines": 111197, + "Code": 95320, + "Comment": 6228, + "Blank": 9649, + "Complexity": 7508, + "Count": 867, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 6561884, + "CodeBytes": 0, + "Lines": 201626, + "Code": 162548, + "Comment": 13976, + "Blank": 25102, + "Complexity": 26878, + "Count": 746, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 113699, + "CodeBytes": 0, + "Lines": 3281, + "Code": 2767, + "Comment": 238, + "Blank": 276, + "Complexity": 9, + "Count": 283, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 77446, + "CodeBytes": 0, + "Lines": 3825, + "Code": 3171, + "Comment": 110, + "Blank": 544, + "Complexity": 0, + "Count": 105, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 202494, + "CodeBytes": 0, + "Lines": 4372, + "Code": 3206, + "Comment": 0, + "Blank": 1166, + "Complexity": 0, + "Count": 64, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 81924, + "CodeBytes": 0, + "Lines": 2788, + "Code": 2524, + "Comment": 130, + "Blank": 134, + "Complexity": 0, + "Count": 64, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go Template", + "Bytes": 50528, + "CodeBytes": 0, + "Lines": 1328, + "Code": 1090, + "Comment": 0, + "Blank": 238, + "Complexity": 78, + "Count": 48, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 24031, + "CodeBytes": 0, + "Lines": 705, + "Code": 445, + "Comment": 132, + "Blank": 128, + "Complexity": 54, + "Count": 22, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 86384, + "CodeBytes": 0, + "Lines": 2699, + "Code": 1830, + "Comment": 333, + "Blank": 536, + "Complexity": 46, + "Count": 21, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 413799, + "CodeBytes": 0, + "Lines": 12325, + "Code": 12325, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 18, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 20022, + "CodeBytes": 0, + "Lines": 581, + "Code": 370, + "Comment": 106, + "Blank": 105, + "Complexity": 44, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 4977, + "CodeBytes": 0, + "Lines": 173, + "Code": 144, + "Comment": 11, + "Blank": 18, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 95, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 171, + "CodeBytes": 0, + "Lines": 16, + "Code": 8, + "Comment": 4, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 1038, + "CodeBytes": 0, + "Lines": 43, + "Code": 29, + "Comment": 0, + "Blank": 14, + "Complexity": 2, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "GraphQL", + "Bytes": 77574, + "CodeBytes": 0, + "Lines": 3133, + "Code": 2016, + "Comment": 840, + "Blank": 277, + "Complexity": 237, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 1590, + "CodeBytes": 0, + "Lines": 42, + "Code": 25, + "Comment": 15, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11357, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 13769, + "CodeBytes": 0, + "Lines": 496, + "Code": 455, + "Comment": 16, + "Blank": 25, + "Complexity": 17, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9432523.580962285, + "estimatedScheduleMonths_low": 33.41838234690058, + "estimatedPeople_low": 27.497422333545593, + "estimatedCost_high": 29395863.177611947, + "estimatedScheduleMonths_high": 33.41838234690058, + "estimatedPeople_high": 27.497422333545593, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 867 111197 9649 6228 95320 7508\n(ULOC) 48508\n-------------------------------------------------------------------------------\nGo 746 201626 25102 13976 162548 26878\n(ULOC) 55947\n-------------------------------------------------------------------------------\nSQL 283 3281 276 238 2767 9\n(ULOC) 1825\n-------------------------------------------------------------------------------\nSass 105 3825 544 110 3171 0\n(ULOC) 1847\n-------------------------------------------------------------------------------\nMarkdown 64 4372 1166 0 3206 0\n(ULOC) 2896\n-------------------------------------------------------------------------------\nYAML 64 2788 134 130 2524 0\n(ULOC) 1319\n-------------------------------------------------------------------------------\nGo Template 48 1328 238 0 1090 78\n(ULOC) 415\n-------------------------------------------------------------------------------\nBASH 22 705 128 132 445 54\n(ULOC) 464\n-------------------------------------------------------------------------------\nJavaScript 21 2699 536 333 1830 46\n(ULOC) 1330\n-------------------------------------------------------------------------------\nJSON 18 12325 0 0 12325 0\n(ULOC) 2776\n-------------------------------------------------------------------------------\nShell 11 581 105 106 370 44\n(ULOC) 347\n-------------------------------------------------------------------------------\nTypeScript Typings 4 173 18 11 144 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nPlain Text 2 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nDocker ignore 1 16 4 4 8 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDockerfile 1 43 14 0 29 2\n(ULOC) 29\n-------------------------------------------------------------------------------\nGraphQL 1 3133 277 840 2016 237\n(ULOC) 1520\n-------------------------------------------------------------------------------\nHTML 1 42 2 15 25 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nRuby 1 496 25 16 455 17\n(ULOC) 333\n───────────────────────────────────────────────────────────────────────────────\nTotal 2261 348834 38250 22139 288445 34873\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 118118\nDRYness % 0.34\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $10,343,356\nEstimated Schedule Effort (organic) 33.42 months\nEstimated People Required (organic) 27.50\n───────────────────────────────────────────────────────────────────────────────\nProcessed 11710555 bytes, 11.711 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 3967773, + "Go": 2193602, + "JavaScript": 86384, + "SCSS": 77446, + "Shell": 44053, + "Ruby": 13769, + "PLpgSQL": 2631, + "HTML": 1590, + "Dockerfile": 1038 + }, + "average_issue_resolution_time": [ + [ + "easi-app", + "00:00:04" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@apollo/client", + -0.0739726027, + "2024-10-16T10:04:15.000" + ], + [ + "@apollo/client", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@apollo/client", + 0.2136986301, + "2024-07-01T00:36:18.000" + ], + [ + "@apollo/react-testing", + 0.0, + "2024-07-01T00:36:18.000" + ], + [ + "@babel/core", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@babel/plugin-syntax-class-properties", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@babel/preset-env", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@craco/craco", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "@cypress/code-coverage", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "@cypress/code-coverage", + 0.2082191781, + "2025-03-01T19:06:13.000" + ], + [ + "@cypress/webpack-preprocessor", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@cypress/webpack-preprocessor", + 2.1780821918, + "2023-09-14T09:02:31.000" + ], + [ + "@graphql-codegen/cli", + -0.0164383562, + "2025-03-01T19:06:13.000" + ], + [ + "@graphql-codegen/cli", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "@graphql-codegen/client-preset", + -0.0246575342, + "2024-10-16T10:04:15.000" + ], + [ + "@graphql-codegen/client-preset", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@graphql-codegen/typed-document-node", + 0.2657534247, + "2024-10-16T10:04:15.000" + ], + [ + "@graphql-codegen/typed-document-node", + 0.6465753425, + "2025-03-01T19:06:13.000" + ], + [ + "@graphql-codegen/typescript-react-apollo", + -0.4739726027, + "2025-03-01T19:06:13.000" + ], + [ + "@graphql-codegen/typescript-react-apollo", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "@hookform/error-message", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@hookform/resolvers", + 0.8712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@hookform/resolvers", + 1.2219178082, + "2024-04-10T03:36:47.000" + ], + [ + "@hookform/resolvers", + 1.6438356164, + "2024-07-01T00:36:18.000" + ], + [ + "@hookform/resolvers", + 1.7260273973, + "2024-10-16T10:04:15.000" + ], + [ + "@hookform/resolvers", + 2.3643835616, + "2025-03-01T19:06:13.000" + ], + [ + "@okta/okta-auth-js", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "@okta/okta-auth-js", + 0.2301369863, + "2025-03-01T19:06:13.000" + ], + [ + "@okta/okta-auth-js", + 0.9342465753, + "2023-09-14T09:02:31.000" + ], + [ + "@okta/okta-auth-js", + 1.3452054795, + "2024-04-10T03:36:47.000" + ], + [ + "@okta/okta-auth-js", + 1.6657534247, + "2024-07-01T00:36:18.000" + ], + [ + "@okta/okta-react", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@okta/okta-signin-widget", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@okta/okta-signin-widget", + 0.6273972603, + "2024-04-10T03:36:47.000" + ], + [ + "@okta/okta-signin-widget", + 0.8630136986, + "2023-09-14T09:02:31.000" + ], + [ + "@storybook/addon-actions", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@storybook/addon-actions", + 0.4712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@storybook/addon-controls", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@storybook/addon-controls", + 0.4712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@storybook/addon-essentials", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@storybook/addon-essentials", + 0.4712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@storybook/addon-links", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@storybook/addon-links", + 0.4712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@storybook/node-logger", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@storybook/node-logger", + 0.4712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@storybook/react", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@storybook/react", + 0.4712328767, + "2023-09-14T09:02:31.000" + ], + [ + "@testing-library/jest-dom", + 0.1342465753, + "2023-09-14T09:02:31.000" + ], + [ + "@testing-library/jest-dom", + 0.5534246575, + "2024-04-10T03:36:47.000" + ], + [ + "@testing-library/jest-dom", + 0.898630137, + "2024-07-01T00:36:18.000" + ], + [ + "@testing-library/jest-dom", + 1.101369863, + "2024-10-16T10:04:15.000" + ], + [ + "@testing-library/jest-dom", + 1.2904109589, + "2025-03-01T19:06:13.000" + ], + [ + "@testing-library/react", + 1.6931506849, + "2023-09-14T09:02:31.000" + ], + [ + "@testing-library/react", + 2.8356164384, + "2024-04-10T03:36:47.000" + ], + [ + "@testing-library/react", + 2.9890410959, + "2024-07-01T00:36:18.000" + ], + [ + "@testing-library/react", + 3.2246575342, + "2024-10-16T10:04:15.000" + ], + [ + "@testing-library/react", + 3.6082191781, + "2025-03-01T19:06:13.000" + ], + [ + "@testing-library/user-event", + 0.8054794521, + "2023-09-14T09:02:31.000" + ], + [ + "@testing-library/user-event", + 2.1945205479, + "2024-10-16T10:04:15.000" + ], + [ + "@testing-library/user-event", + 3.2602739726, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/core", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/extension-document", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/extension-mention", + 0.2712328767, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/extension-paragraph", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/extension-text", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/pm", + 0.2712328767, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/react", + 0.2712328767, + "2025-03-01T19:06:13.000" + ], + [ + "@tiptap/suggestion", + 0.2712328767, + "2025-03-01T19:06:13.000" + ], + [ + "@toast-ui/react-editor", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@trussworks/react-uswds", + 1.402739726, + "2023-09-14T09:02:31.000" + ], + [ + "@trussworks/react-uswds", + 1.9178082192, + "2025-03-01T19:06:13.000" + ], + [ + "@trussworks/react-uswds", + 1.9369863014, + "2024-07-01T00:36:18.000" + ], + [ + "@trussworks/react-uswds", + 2.3726027397, + "2024-10-16T10:04:15.000" + ], + [ + "@types/apollo-upload-client", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "@types/apollo-upload-client", + 0.1452054795, + "2025-03-01T19:06:13.000" + ], + [ + "@types/dompurify", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/enzyme", + 1.7753424658, + "2023-09-14T09:02:31.000" + ], + [ + "@types/enzyme", + 2.4136986301, + "2024-10-16T10:04:15.000" + ], + [ + "@types/jest", + 2.3232876712, + "2023-09-14T09:02:31.000" + ], + [ + "@types/jest", + 2.7698630137, + "2024-07-01T00:36:18.000" + ], + [ + "@types/jest", + 3.3835616438, + "2024-10-16T10:04:15.000" + ], + [ + "@types/jest", + 3.4931506849, + "2025-03-01T19:06:13.000" + ], + [ + "@types/lodash", + 0.0, + "2024-07-01T00:36:18.000" + ], + [ + "@types/lodash", + 0.0246575342, + "2024-10-16T10:04:15.000" + ], + [ + "@types/lodash", + 0.4328767123, + "2025-03-01T19:06:13.000" + ], + [ + "@types/luxon", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/no-scroll", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/node", + 2.2, + "2023-09-14T09:02:31.000" + ], + [ + "@types/node", + 2.7863013699, + "2024-04-10T03:36:47.000" + ], + [ + "@types/node", + 2.997260274, + "2024-07-01T00:36:18.000" + ], + [ + "@types/node", + 3.2821917808, + "2024-10-16T10:04:15.000" + ], + [ + "@types/node", + 3.6794520548, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react", + 2.202739726, + "2023-09-14T09:02:31.000" + ], + [ + "@types/react", + 2.8328767123, + "2024-04-10T03:36:47.000" + ], + [ + "@types/react", + 2.9561643836, + "2024-07-01T00:36:18.000" + ], + [ + "@types/react", + 3.3178082192, + "2024-10-16T10:04:15.000" + ], + [ + "@types/react", + 3.6931506849, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-autosuggest", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "@types/react-autosuggest", + 0.1397260274, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-csv", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-csv", + 0.0547945205, + "2024-04-10T03:36:47.000" + ], + [ + "@types/react-dom", + 2.0657534247, + "2023-09-14T09:02:31.000" + ], + [ + "@types/react-dom", + 2.7945205479, + "2024-04-10T03:36:47.000" + ], + [ + "@types/react-dom", + 2.8547945205, + "2024-07-01T00:36:18.000" + ], + [ + "@types/react-dom", + 3.3178082192, + "2024-10-16T10:04:15.000" + ], + [ + "@types/react-dom", + 3.6712328767, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-modal", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-redux", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-router-dom", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-router-hash-link", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-table", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/react-test-renderer", + -0.002739726, + "2024-04-10T03:36:47.000" + ], + [ + "@types/react-test-renderer", + 0.4246575342, + "2024-10-16T10:04:15.000" + ], + [ + "@types/react-test-renderer", + 1.0383561644, + "2025-03-01T19:06:13.000" + ], + [ + "@types/redux-mock-store", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/redux-saga-routines", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/text-encoding", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@types/uuid", + 1.6465753425, + "2023-09-14T09:02:31.000" + ], + [ + "@types/uuid", + 2.0520547945, + "2024-04-10T03:36:47.000" + ], + [ + "@types/uuid", + 2.4547945205, + "2025-03-01T19:06:13.000" + ], + [ + "@types/yup", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@uswds/uswds", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "@uswds/uswds", + 0.2054794521, + "2025-03-01T19:06:13.000" + ], + [ + "@vitejs/plugin-react", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "@vitest/coverage-v8", + 0.2684931507, + "2025-03-01T19:06:13.000" + ], + [ + "@vitest/coverage-v8", + 0.4602739726, + "2024-04-10T03:36:47.000" + ], + [ + "@vitest/coverage-v8", + 0.5945205479, + "2024-07-01T00:36:18.000" + ], + [ + "@vitest/coverage-v8", + 1.0438356164, + "2024-10-16T10:04:15.000" + ], + [ + "@wojtekmaj/enzyme-adapter-react-17", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "apollo", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "apollo-upload-client", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "apollo-upload-client", + 1.8767123288, + "2025-03-01T19:06:13.000" + ], + [ + "autoprefixer", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "axios", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "axios", + 1.3315068493, + "2023-09-14T09:02:31.000" + ], + [ + "babel-loader", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "babel-loader", + 0.4493150685, + "2025-03-01T19:06:13.000" + ], + [ + "babel-loader", + 3.295890411, + "2023-09-14T09:02:31.000" + ], + [ + "classnames", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "cross-fetch", + -0.002739726, + "2025-03-01T19:06:13.000" + ], + [ + "cross-fetch", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "cypress", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "cypress", + 0.1123287671, + "2024-07-01T00:36:18.000" + ], + [ + "cypress", + 0.1917808219, + "2025-03-01T19:06:13.000" + ], + [ + "cypress", + 0.4575342466, + "2023-09-14T09:02:31.000" + ], + [ + "cypress-file-upload", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "cypress-otp", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "detect-browser", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "dompurify", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "enzyme", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "eslint", + 0.4328767123, + "2025-03-01T19:06:13.000" + ], + [ + "eslint", + 2.1068493151, + "2023-09-14T09:02:31.000" + ], + [ + "eslint", + 2.6821917808, + "2024-04-10T03:36:47.000" + ], + [ + "eslint", + 2.9123287671, + "2024-07-01T00:36:18.000" + ], + [ + "eslint", + 3.1808219178, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-config-airbnb", + 1.1315068493, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-config-prettier", + 0.0054794521, + "2023-09-14T09:02:31.000" + ], + [ + "eslint-config-prettier", + 0.3315068493, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-config-prettier", + 1.5698630137, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-config-react-app", + -2.8493150685, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-config-react-app", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-cypress", + 0.0, + "2024-04-10T03:36:47.000" + ], + [ + "eslint-plugin-cypress", + 0.0520547945, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-plugin-cypress", + 0.1178082192, + "2024-07-01T00:36:18.000" + ], + [ + "eslint-plugin-cypress", + 0.4876712329, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-jsx-a11y", + 0.0, + "2024-07-01T00:36:18.000" + ], + [ + "eslint-plugin-jsx-a11y", + 0.2054794521, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-prettier", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-plugin-prettier", + 1.8876712329, + "2023-09-14T09:02:31.000" + ], + [ + "eslint-plugin-prettier", + 2.3890410959, + "2024-07-01T00:36:18.000" + ], + [ + "eslint-plugin-prettier", + 2.9068493151, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-react", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-react-hooks", + -0.2082191781, + "2024-04-10T03:36:47.000" + ], + [ + "eslint-plugin-react-hooks", + 0.0, + "2024-07-01T00:36:18.000" + ], + [ + "eslint-plugin-react-hooks", + 0.4575342466, + "2024-10-16T10:04:15.000" + ], + [ + "eslint-plugin-react-hooks", + 0.8410958904, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-plugin-simple-import-sort", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "eslint-plugin-simple-import-sort", + 2.1369863014, + "2023-09-14T09:02:31.000" + ], + [ + "eslint-plugin-simple-import-sort", + 3.1726027397, + "2024-04-10T03:36:47.000" + ], + [ + "eslint-plugin-simple-import-sort", + 3.3452054795, + "2024-07-01T00:36:18.000" + ], + [ + "eslint-plugin-simple-import-sort", + 3.5643835616, + "2024-10-16T10:04:15.000" + ], + [ + "font-awesome", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "formik", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "graphql-schema-linter", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "i18next", + 2.498630137, + "2023-09-14T09:02:31.000" + ], + [ + "i18next", + 3.0876712329, + "2024-04-10T03:36:47.000" + ], + [ + "i18next", + 3.2, + "2024-07-01T00:36:18.000" + ], + [ + "i18next", + 3.6, + "2024-10-16T10:04:15.000" + ], + [ + "i18next", + 3.8821917808, + "2025-03-01T19:06:13.000" + ], + [ + "i18next-browser-languagedetector", + 2.8904109589, + "2023-09-14T09:02:31.000" + ], + [ + "i18next-browser-languagedetector", + 3.6493150685, + "2024-04-10T03:36:47.000" + ], + [ + "i18next-browser-languagedetector", + 3.7671232877, + "2024-10-16T10:04:15.000" + ], + [ + "i18next-browser-languagedetector", + 4.5452054795, + "2025-03-01T19:06:13.000" + ], + [ + "istanbul-lib-coverage", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "jest-canvas-mock", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "jest-launchdarkly-mock", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "js-base64", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "jsdom", + 0.6547945205, + "2024-04-10T03:36:47.000" + ], + [ + "jsdom", + 0.997260274, + "2024-07-01T00:36:18.000" + ], + [ + "jsdom", + 1.3232876712, + "2024-10-16T10:04:15.000" + ], + [ + "jsdom", + 1.6219178082, + "2025-03-01T19:06:13.000" + ], + [ + "launchdarkly-react-client-sdk", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "lodash", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "luxon", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "markdown-spellcheck", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "md5", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "no-scroll", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "nyc", + 0.0, + "2024-04-10T03:36:47.000" + ], + [ + "nyc", + 4.0246575342, + "2024-07-01T00:36:18.000" + ], + [ + "nyc", + 4.304109589, + "2025-03-01T19:06:13.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "prettier", + 0.3506849315, + "2023-09-14T09:02:31.000" + ], + [ + "prettier", + 0.7835616438, + "2024-04-10T03:36:47.000" + ], + [ + "prettier", + 1.1342465753, + "2024-07-01T00:36:18.000" + ], + [ + "prettier", + 1.2246575342, + "2024-10-16T10:04:15.000" + ], + [ + "react", + 1.2273972603, + "2024-04-10T03:36:47.000" + ], + [ + "react", + 3.095890411, + "2024-10-16T10:04:15.000" + ], + [ + "react", + 3.7068493151, + "2025-03-01T19:06:13.000" + ], + [ + "react-autosuggest", + 2.0109589041, + "2025-03-01T19:06:13.000" + ], + [ + "react-csv", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-dom", + 1.2273972603, + "2024-04-10T03:36:47.000" + ], + [ + "react-dom", + 3.095890411, + "2024-10-16T10:04:15.000" + ], + [ + "react-dom", + 3.7068493151, + "2025-03-01T19:06:13.000" + ], + [ + "react-ga4", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-hook-form", + -0.1780821918, + "2025-03-01T19:06:13.000" + ], + [ + "react-hook-form", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "react-i18next", + 2.2739726027, + "2023-09-14T09:02:31.000" + ], + [ + "react-i18next", + 2.7863013699, + "2024-04-10T03:36:47.000" + ], + [ + "react-i18next", + 2.9945205479, + "2024-07-01T00:36:18.000" + ], + [ + "react-i18next", + 3.3863013699, + "2024-10-16T10:04:15.000" + ], + [ + "react-i18next", + 3.7397260274, + "2025-03-01T19:06:13.000" + ], + [ + "react-idle-timer", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-media", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-modal", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-redux", + 0.8465753425, + "2023-09-14T09:02:31.000" + ], + [ + "react-redux", + 1.304109589, + "2024-04-10T03:36:47.000" + ], + [ + "react-redux", + 1.6054794521, + "2024-10-16T10:04:15.000" + ], + [ + "react-redux", + 2.2164383562, + "2025-03-01T19:06:13.000" + ], + [ + "react-router-dom", + 0.9452054795, + "2023-09-14T09:02:31.000" + ], + [ + "react-router-dom", + 1.4273972603, + "2024-04-10T03:36:47.000" + ], + [ + "react-router-dom", + 1.7287671233, + "2024-07-01T00:36:18.000" + ], + [ + "react-router-dom", + 2.0273972603, + "2024-10-16T10:04:15.000" + ], + [ + "react-router-dom", + 2.3835616438, + "2025-03-01T19:06:13.000" + ], + [ + "react-router-hash-link", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-scripts", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "react-select", + 0.0, + "2024-10-16T10:04:15.000" + ], + [ + "react-select", + 0.1178082192, + "2025-03-01T19:06:13.000" + ], + [ + "react-select-event", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-table", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "react-test-renderer", + 1.6657534247, + "2024-04-10T03:36:47.000" + ], + [ + "react-test-renderer", + 3.5315068493, + "2024-10-16T10:04:15.000" + ], + [ + "react-test-renderer", + 4.1424657534, + "2025-03-01T19:06:13.000" + ], + [ + "react-to-print", + 0.0, + "2024-07-01T00:36:18.000" + ], + [ + "react-to-print", + 0.6273972603, + "2024-10-16T10:04:15.000" + ], + [ + "react-to-print", + 0.9534246575, + "2025-03-01T19:06:13.000" + ], + [ + "redux", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "redux", + 0.898630137, + "2025-03-01T19:06:13.000" + ], + [ + "redux-actions", + 3.9452054795, + "2024-07-01T00:36:18.000" + ], + [ + "redux-actions", + 5.3835616438, + "2025-03-01T19:06:13.000" + ], + [ + "redux-devtools-extension", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "redux-mock-store", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "redux-saga", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "redux-saga-routines", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "regenerator-runtime", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "sass", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "sass-loader", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "sass-loader", + 0.1506849315, + "2024-04-10T03:36:47.000" + ], + [ + "sass-loader", + 0.3068493151, + "2024-07-01T00:36:18.000" + ], + [ + "sass-loader", + 0.7369863014, + "2024-10-16T10:04:15.000" + ], + [ + "sass-loader", + 1.1397260274, + "2025-03-01T19:06:13.000" + ], + [ + "sass-resources-loader", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "start-server-and-test", + 0.0, + "2023-09-14T09:02:31.000" + ], + [ + "start-server-and-test", + 0.7178082192, + "2024-04-10T03:36:47.000" + ], + [ + "text-encoding", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "tippy.js", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "ts-loader", + 3.0931506849, + "2023-09-14T09:02:31.000" + ], + [ + "ts-loader", + 3.4767123288, + "2024-10-16T10:04:15.000" + ], + [ + "ts-loader", + 4.6383561644, + "2025-03-01T19:06:13.000" + ], + [ + "typescript", + 0.5616438356, + "2023-09-14T09:02:31.000" + ], + [ + "typescript", + 1.1753424658, + "2024-04-10T03:36:47.000" + ], + [ + "typescript", + 1.3863013699, + "2024-07-01T00:36:18.000" + ], + [ + "typescript", + 1.6904109589, + "2024-10-16T10:04:15.000" + ], + [ + "typescript", + 2.0794520548, + "2025-03-01T19:06:13.000" + ], + [ + "uuid", + 2.7589041096, + "2024-04-10T03:36:47.000" + ], + [ + "uuid", + 3.501369863, + "2024-10-16T10:04:15.000" + ], + [ + "uuid", + 4.2, + "2025-03-01T19:06:13.000" + ], + [ + "vite", + 0.0273972603, + "2024-04-10T03:36:47.000" + ], + [ + "vite", + 0.0739726027, + "2024-10-16T10:04:15.000" + ], + [ + "vite", + 0.2602739726, + "2024-07-01T00:36:18.000" + ], + [ + "vite", + 0.3643835616, + "2025-03-01T19:06:13.000" + ], + [ + "vite-plugin-svgr", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "vite-plugin-svgr", + 0.1589041096, + "2024-10-16T10:04:15.000" + ], + [ + "vite-tsconfig-paths", + 0.0, + "2024-07-01T00:36:18.000" + ], + [ + "vite-tsconfig-paths", + 0.402739726, + "2024-10-16T10:04:15.000" + ], + [ + "vite-tsconfig-paths", + 0.7315068493, + "2025-03-01T19:06:13.000" + ], + [ + "vitest", + 0.2684931507, + "2025-03-01T19:06:13.000" + ], + [ + "vitest", + 0.4602739726, + "2024-04-10T03:36:47.000" + ], + [ + "vitest", + 0.5945205479, + "2024-07-01T00:36:18.000" + ], + [ + "vitest", + 1.0438356164, + "2024-10-16T10:04:15.000" + ], + [ + "wait-on", + 1.7479452055, + "2023-09-14T09:02:31.000" + ], + [ + "wait-on", + 2.6602739726, + "2024-04-10T03:36:47.000" + ], + [ + "webpack", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "wildcard-mock-link", + 0.0, + "2025-03-01T19:06:13.000" + ], + [ + "yup", + 1.6136986301, + "2023-09-14T09:02:31.000" + ], + [ + "yup", + 2.397260274, + "2024-10-16T10:04:15.000" + ], + [ + "yup", + 3.1835616438, + "2025-03-01T19:06:13.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/easi-shared/easi-shared_data.json b/app/site/_data/CMSgov/easi-shared/easi-shared_data.json index f359cf256b..6fed62784b 100644 --- a/app/site/_data/CMSgov/easi-shared/easi-shared_data.json +++ b/app/site/_data/CMSgov/easi-shared/easi-shared_data.json @@ -1,445 +1,445 @@ { - "url": "https://github.com/CMSgov/easi-shared", - "owner": "CMSgov", - "name": "easi-shared", - "description": null, - "commits_count": 29, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 39, - "open_pull_requests_count": 6, - "merged_pull_requests_count": 12, - "closed_pull_requests_count": 21, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 810, - "average_project_lines": 39, - "total_project_comment_lines": 39, - "average_project_comment_lines": 2, - "total_project_blank_lines": 101, - "average_blank_lines": 5, - "commits_by_month": { - "2024/3": 2, - "2024/1": 4, - "2023/8": 2, - "2022/12": 2, - "2022/9": 4, - "2022/7": 15 + "url": "https://github.com/CMSgov/easi-shared", + "owner": "CMSgov", + "name": "easi-shared", + "description": null, + "commits_count": 29, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 39, + "open_pull_requests_count": 6, + "merged_pull_requests_count": 12, + "closed_pull_requests_count": 21, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 810, + "average_project_lines": 39, + "total_project_comment_lines": 39, + "average_project_comment_lines": 2, + "total_project_blank_lines": 101, + "average_blank_lines": 5, + "commits_by_month": { + "2024/3": 2, + "2024/1": 4, + "2023/8": 2, + "2022/12": 2, + "2022/9": 4, + "2022/7": 15 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-06-29T17:02:19Z", + "ossf_scorecard": { + "date": "2025-02-23T16:46:13Z", + "repo": { + "name": "github.com/CMSgov/easi-shared", + "commit": "b56c5f5d0e5f336f38bb06d0950259382a100a10" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-06-29T17:02:19Z", - "ossf_scorecard": { - "date": "2025-02-23T16:46:13Z", - "repo": { - "name": "github.com/CMSgov/easi-shared", - "commit": "b56c5f5d0e5f336f38bb06d0950259382a100a10" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 12 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 5, - "reason": "Found 9/18 approved changesets -- score normalized to 5", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 3, - "reason": "dependency not pinned by hash detected -- score normalized to 3", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 6, - "reason": "4 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "YAML", - "Bytes": 2991, - "CodeBytes": 0, - "Lines": 119, - "Code": 104, - "Comment": 4, - "Blank": 11, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 9245, - "CodeBytes": 0, - "Lines": 330, - "Code": 248, - "Comment": 28, - "Blank": 54, - "Complexity": 28, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 2438, - "CodeBytes": 0, - "Lines": 101, - "Code": 86, - "Comment": 5, - "Blank": 10, - "Complexity": 16, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 12630, - "CodeBytes": 0, - "Lines": 157, - "Code": 148, - "Comment": 0, - "Blank": 9, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 862, - "CodeBytes": 0, - "Lines": 32, - "Code": 22, - "Comment": 0, - "Blank": 10, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 881, - "CodeBytes": 0, - "Lines": 39, - "Code": 37, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 606, - "CodeBytes": 0, - "Lines": 29, - "Code": 24, - "Comment": 1, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 30, - "CodeBytes": 0, - "Lines": 3, - "Code": 1, - "Comment": 1, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 16178.575371577093, - "estimatedScheduleMonths_low": 2.9718311242887996, - "estimatedPeople_low": 0.5303537668036701, - "estimatedCost_high": 50419.50692722728, - "estimatedScheduleMonths_high": 2.9718311242887996, - "estimatedPeople_high": 0.5303537668036701, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nYAML 7 119 11 4 104 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nGo 4 330 54 28 248 28\n(ULOC) 206\n-------------------------------------------------------------------------------\nTypeScript 3 101 10 5 86 16\n(ULOC) 85\n-------------------------------------------------------------------------------\nJSON 2 157 9 0 148 0\n(ULOC) 144\n-------------------------------------------------------------------------------\nMarkdown 2 32 10 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nJavaScript 1 39 2 0 37 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nSass 1 29 4 1 24 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nShell 1 3 1 1 1 0\n(ULOC) 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 21 810 101 39 670 44\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 586\nDRYness % 0.72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $17,740\nEstimated Schedule Effort (organic) 2.97 months\nEstimated People Required (organic) 0.53\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 29683 bytes, 0.030 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Go": 9245, - "TypeScript": 2438, - "JavaScript": 881, - "SCSS": 606, - "Shell": 30 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@rollup/plugin-commonjs", - 2.3643835616, - "2025-03-01T04:31:37.000" - ], - [ - "@rollup/plugin-node-resolve", - 2.2602739726, - "2025-03-01T04:31:37.000" - ], - [ - "@rollup/plugin-typescript", - 2.2767123288, - "2025-03-01T04:31:37.000" - ], - [ - "@trussworks/react-uswds", - 2.3726027397, - "2025-03-01T04:31:37.000" - ], - [ - "@types/react", - 0.1616438356, - "2025-03-01T04:31:37.000" - ], - [ - "classnames", - 0.0, - "2025-03-01T04:31:37.000" - ], - [ - "postcss", - 0.0, - "2025-03-01T04:31:37.000" - ], - [ - "react", - 3.7068493151, - "2025-03-01T04:31:37.000" - ], - [ - "rollup", - 0.4246575342, - "2025-03-01T04:31:37.000" - ], - [ - "rollup-plugin-dts", - 1.6082191781, - "2025-03-01T04:31:37.000" - ], - [ - "rollup-plugin-postcss", - 0.0, - "2025-03-01T04:31:37.000" - ], - [ - "sass", - 0.0, - "2025-03-01T04:31:37.000" - ], - [ - "tslib", - 0.0, - "2025-03-01T04:31:37.000" - ], - [ - "typescript", - 2.0794520548, - "2025-03-01T04:31:37.000" - ] + "score": 4.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 12 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 5, + "reason": "Found 9/18 approved changesets -- score normalized to 5", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 3, + "reason": "dependency not pinned by hash detected -- score normalized to 3", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 6, + "reason": "4 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "YAML", + "Bytes": 2991, + "CodeBytes": 0, + "Lines": 119, + "Code": 104, + "Comment": 4, + "Blank": 11, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 9245, + "CodeBytes": 0, + "Lines": 330, + "Code": 248, + "Comment": 28, + "Blank": 54, + "Complexity": 28, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 2438, + "CodeBytes": 0, + "Lines": 101, + "Code": 86, + "Comment": 5, + "Blank": 10, + "Complexity": 16, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 12630, + "CodeBytes": 0, + "Lines": 157, + "Code": 148, + "Comment": 0, + "Blank": 9, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 862, + "CodeBytes": 0, + "Lines": 32, + "Code": 22, + "Comment": 0, + "Blank": 10, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 881, + "CodeBytes": 0, + "Lines": 39, + "Code": 37, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 606, + "CodeBytes": 0, + "Lines": 29, + "Code": 24, + "Comment": 1, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 30, + "CodeBytes": 0, + "Lines": 3, + "Code": 1, + "Comment": 1, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 16178.575371577093, + "estimatedScheduleMonths_low": 2.9718311242887996, + "estimatedPeople_low": 0.5303537668036701, + "estimatedCost_high": 50419.50692722728, + "estimatedScheduleMonths_high": 2.9718311242887996, + "estimatedPeople_high": 0.5303537668036701, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nYAML 7 119 11 4 104 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nGo 4 330 54 28 248 28\n(ULOC) 206\n-------------------------------------------------------------------------------\nTypeScript 3 101 10 5 86 16\n(ULOC) 85\n-------------------------------------------------------------------------------\nJSON 2 157 9 0 148 0\n(ULOC) 144\n-------------------------------------------------------------------------------\nMarkdown 2 32 10 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nJavaScript 1 39 2 0 37 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nSass 1 29 4 1 24 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nShell 1 3 1 1 1 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 21 810 101 39 670 44\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 586\nDRYness % 0.72\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $17,740\nEstimated Schedule Effort (organic) 2.97 months\nEstimated People Required (organic) 0.53\n───────────────────────────────────────────────────────────────────────────────\nProcessed 29683 bytes, 0.030 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Go": 9245, + "TypeScript": 2438, + "JavaScript": 881, + "SCSS": 606, + "Shell": 30 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@rollup/plugin-commonjs", + 2.3643835616, + "2025-03-01T04:31:37.000" + ], + [ + "@rollup/plugin-node-resolve", + 2.2602739726, + "2025-03-01T04:31:37.000" + ], + [ + "@rollup/plugin-typescript", + 2.2767123288, + "2025-03-01T04:31:37.000" + ], + [ + "@trussworks/react-uswds", + 2.3726027397, + "2025-03-01T04:31:37.000" + ], + [ + "@types/react", + 0.1616438356, + "2025-03-01T04:31:37.000" + ], + [ + "classnames", + 0.0, + "2025-03-01T04:31:37.000" + ], + [ + "postcss", + 0.0, + "2025-03-01T04:31:37.000" + ], + [ + "react", + 3.7068493151, + "2025-03-01T04:31:37.000" + ], + [ + "rollup", + 0.4246575342, + "2025-03-01T04:31:37.000" + ], + [ + "rollup-plugin-dts", + 1.6082191781, + "2025-03-01T04:31:37.000" + ], + [ + "rollup-plugin-postcss", + 0.0, + "2025-03-01T04:31:37.000" + ], + [ + "sass", + 0.0, + "2025-03-01T04:31:37.000" + ], + [ + "tslib", + 0.0, + "2025-03-01T04:31:37.000" + ], + [ + "typescript", + 2.0794520548, + "2025-03-01T04:31:37.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/ec2ssm/ec2ssm_data.json b/app/site/_data/CMSgov/ec2ssm/ec2ssm_data.json index 9a8f559bbf..10c45cd2dc 100644 --- a/app/site/_data/CMSgov/ec2ssm/ec2ssm_data.json +++ b/app/site/_data/CMSgov/ec2ssm/ec2ssm_data.json @@ -1,290 +1,290 @@ { - "url": "https://github.com/CMSgov/ec2ssm", - "owner": "CMSgov", - "name": "ec2ssm", - "description": "Connect to instances using SSM session manager. As an alternative to SSH", - "commits_count": 3, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 12, - "total_project_lines": 171, - "average_project_lines": 57, - "total_project_comment_lines": 2, - "average_project_comment_lines": 1, - "total_project_blank_lines": 28, - "average_blank_lines": 9, - "commits_by_month": { - "2023/9": 3 + "url": "https://github.com/CMSgov/ec2ssm", + "owner": "CMSgov", + "name": "ec2ssm", + "description": "Connect to instances using SSM session manager. As an alternative to SSH", + "commits_count": 3, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 12, + "total_project_lines": 171, + "average_project_lines": 57, + "total_project_comment_lines": 2, + "average_project_comment_lines": 1, + "total_project_blank_lines": 28, + "average_blank_lines": 9, + "commits_by_month": { + "2023/9": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2023-09-12T19:48:30Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:33Z", + "repo": { + "name": "github.com/CMSgov/ec2ssm", + "commit": "296fccfa879dcdc737379a3eeaa7a9e0bc723a89" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2023-09-12T19:48:30Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:33Z", - "repo": { - "name": "github.com/CMSgov/ec2ssm", - "commit": "296fccfa879dcdc737379a3eeaa7a9e0bc723a89" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 5, - "reason": "Found 1/2 approved changesets -- score normalized to 5", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Go", - "Bytes": 2566, - "CodeBytes": 0, - "Lines": 110, - "Code": 93, - "Comment": 2, - "Blank": 15, - "Complexity": 13, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1097, - "CodeBytes": 0, - "Lines": 21, - "Code": 17, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1344, - "CodeBytes": 0, - "Lines": 40, - "Code": 31, - "Comment": 0, - "Blank": 9, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 3149.5013726738352, - "estimatedScheduleMonths_low": 1.5957274152892587, - "estimatedPeople_low": 0.19227933149368265, - "estimatedCost_high": 9815.221836887902, - "estimatedScheduleMonths_high": 1.5957274152892587, - "estimatedPeople_high": 0.19227933149368265, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nGo 1 110 15 2 93 13\n(ULOC) 82\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nMarkdown 1 40 9 0 31 0\n(ULOC) 27\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 3 171 28 2 141 13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 125\nDRYness % 0.73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $3,453\nEstimated Schedule Effort (organic) 1.60 months\nEstimated People Required (organic) 0.19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 5007 bytes, 0.005 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Go": 2566 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 5, + "reason": "Found 1/2 approved changesets -- score normalized to 5", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Go", + "Bytes": 2566, + "CodeBytes": 0, + "Lines": 110, + "Code": 93, + "Comment": 2, + "Blank": 15, + "Complexity": 13, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1097, + "CodeBytes": 0, + "Lines": 21, + "Code": 17, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1344, + "CodeBytes": 0, + "Lines": 40, + "Code": 31, + "Comment": 0, + "Blank": 9, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 3149.5013726738352, + "estimatedScheduleMonths_low": 1.5957274152892587, + "estimatedPeople_low": 0.19227933149368265, + "estimatedCost_high": 9815.221836887902, + "estimatedScheduleMonths_high": 1.5957274152892587, + "estimatedPeople_high": 0.19227933149368265, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGo 1 110 15 2 93 13\n(ULOC) 82\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nMarkdown 1 40 9 0 31 0\n(ULOC) 27\n───────────────────────────────────────────────────────────────────────────────\nTotal 3 171 28 2 141 13\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 125\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,453\nEstimated Schedule Effort (organic) 1.60 months\nEstimated People Required (organic) 0.19\n───────────────────────────────────────────────────────────────────────────────\nProcessed 5007 bytes, 0.005 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Go": 2566 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/fr-notices/fr-notices_data.json b/app/site/_data/CMSgov/fr-notices/fr-notices_data.json index b2fc463328..1cfc6ec67f 100644 --- a/app/site/_data/CMSgov/fr-notices/fr-notices_data.json +++ b/app/site/_data/CMSgov/fr-notices/fr-notices_data.json @@ -1,294 +1,294 @@ { - "url": "https://github.com/CMSgov/fr-notices", - "owner": "CMSgov", - "name": "fr-notices", - "description": "Collection of manual tweaks to make parsing Federal Register notices easier", - "commits_count": 331, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 3, - "total_project_lines": 172311, - "average_project_lines": 1915, - "total_project_comment_lines": 103, - "average_project_comment_lines": 1, - "total_project_blank_lines": 8230, - "average_blank_lines": 91, - "commits_by_month": { - "2018/4": 3, - "2017/5": 6, - "2017/4": 4, - "2017/3": 3, - "2016/10": 6, - "2016/7": 5, - "2016/5": 3 + "url": "https://github.com/CMSgov/fr-notices", + "owner": "CMSgov", + "name": "fr-notices", + "description": "Collection of manual tweaks to make parsing Federal Register notices easier", + "commits_count": 331, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 3, + "total_project_lines": 172311, + "average_project_lines": 1915, + "total_project_comment_lines": 103, + "average_project_comment_lines": 1, + "total_project_blank_lines": 8230, + "average_blank_lines": 91, + "commits_by_month": { + "2018/4": 3, + "2017/5": 6, + "2017/4": 4, + "2017/3": 3, + "2016/10": 6, + "2016/7": 5, + "2016/5": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-10-07T16:16:30Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:33Z", + "repo": { + "name": "github.com/CMSgov/fr-notices", + "commit": "ad8f9909b12e6d14c973eb0a34bf180fbe9fcd8c" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-10-07T16:16:30Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:33Z", - "repo": { - "name": "github.com/CMSgov/fr-notices", - "commit": "ad8f9909b12e6d14c973eb0a34bf180fbe9fcd8c" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 16 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "XML", - "Bytes": 36639939, - "CodeBytes": 0, - "Lines": 190578, - "Code": 181382, - "Comment": 103, - "Blank": 9093, - "Complexity": 0, - "Count": 88, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4886, - "CodeBytes": 0, - "Lines": 122, - "Code": 83, - "Comment": 0, - "Blank": 39, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 5801871.125015355, - "estimatedScheduleMonths_low": 27.783227253996927, - "estimatedPeople_low": 20.343931951909305, - "estimatedCost_high": 18081164.42023139, - "estimatedScheduleMonths_high": 27.783227253996927, - "estimatedPeople_high": 20.343931951909305, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nXML 88 190578 9093 103 181382 0\n(ULOC) 70978\n-------------------------------------------------------------------------------\nMarkdown 3 122 39 0 83 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 92 190821 9144 103 181574 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 71170\nDRYness % 0.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $6,362,117\nEstimated Schedule Effort (organic) 27.78 months\nEstimated People Required (organic) 20.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 36651873 bytes, 36.652 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 16 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "XML", + "Bytes": 36639939, + "CodeBytes": 0, + "Lines": 190578, + "Code": 181382, + "Comment": 103, + "Blank": 9093, + "Complexity": 0, + "Count": 88, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4886, + "CodeBytes": 0, + "Lines": 122, + "Code": 83, + "Comment": 0, + "Blank": 39, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 5801871.125015355, + "estimatedScheduleMonths_low": 27.783227253996927, + "estimatedPeople_low": 20.343931951909305, + "estimatedCost_high": 18081164.42023139, + "estimatedScheduleMonths_high": 27.783227253996927, + "estimatedPeople_high": 20.343931951909305, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nXML 88 190578 9093 103 181382 0\n(ULOC) 70978\n-------------------------------------------------------------------------------\nMarkdown 3 122 39 0 83 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 92 190821 9144 103 181574 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 71170\nDRYness % 0.37\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $6,362,117\nEstimated Schedule Effort (organic) 27.78 months\nEstimated People Required (organic) 20.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 36651873 bytes, 36.652 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/hospital-price-transparency/hospital-price-transparency_data.json b/app/site/_data/CMSgov/hospital-price-transparency/hospital-price-transparency_data.json index e1c7a7987e..ad3a8811ad 100644 --- a/app/site/_data/CMSgov/hospital-price-transparency/hospital-price-transparency_data.json +++ b/app/site/_data/CMSgov/hospital-price-transparency/hospital-price-transparency_data.json @@ -1,306 +1,306 @@ { - "url": "https://github.com/CMSgov/hospital-price-transparency", - "owner": "CMSgov", - "name": "hospital-price-transparency", - "description": null, - "commits_count": 114, - "issues_count": 4, - "open_issues_count": 1, - "closed_issues_count": 3, - "pull_requests_count": 33, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 32, - "closed_pull_requests_count": 1, - "forks_count": 6, - "stargazers_count": 70, - "watchers_count": 101, - "total_project_lines": 2386, - "average_project_lines": 140, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 113, - "average_blank_lines": 7, - "commits_by_month": { - "2024/8": 1, - "2024/6": 10, - "2024/5": 6, - "2024/4": 10, - "2024/3": 3 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2025-01-08T06:00:00.000Z", - 1 - ], - [ - "2025-01-30T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/hospital-price-transparency", + "owner": "CMSgov", + "name": "hospital-price-transparency", + "description": null, + "commits_count": 114, + "issues_count": 4, + "open_issues_count": 1, + "closed_issues_count": 3, + "pull_requests_count": 33, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 32, + "closed_pull_requests_count": 1, + "forks_count": 6, + "stargazers_count": 70, + "watchers_count": 101, + "total_project_lines": 2386, + "average_project_lines": 140, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 113, + "average_blank_lines": 7, + "commits_by_month": { + "2024/8": 1, + "2024/6": 10, + "2024/5": 6, + "2024/4": 10, + "2024/3": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2025-01-08T06:00:00.000Z", + 1 ], - "created_at": "2022-10-31T18:26:51Z", - "ossf_scorecard": { - "date": "2025-02-23T16:35:12Z", - "repo": { - "name": "github.com/CMSgov/hospital-price-transparency", - "commit": "f6278debb1f649682de7b7cfca91d567527b4c22" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 7 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/8 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + [ + "2025-01-30T06:00:00.000Z", + 1 + ] + ], + "created_at": "2022-10-31T18:26:51Z", + "ossf_scorecard": { + "date": "2025-02-23T16:35:12Z", + "repo": { + "name": "github.com/CMSgov/hospital-price-transparency", + "commit": "f6278debb1f649682de7b7cfca91d567527b4c22" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 93779, - "CodeBytes": 0, - "Lines": 602, - "Code": 489, - "Comment": 0, - "Blank": 113, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 15026, - "CodeBytes": 0, - "Lines": 63, - "Code": 63, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 44080, - "CodeBytes": 0, - "Lines": 1721, - "Code": 1721, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 58343.32031879614, - "estimatedScheduleMonths_low": 4.838418782264512, - "estimatedPeople_low": 1.17472765763647, - "estimatedCost_high": 181823.26783475187, - "estimatedScheduleMonths_high": 4.838418782264512, - "estimatedPeople_high": 1.17472765763647, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 9 602 113 0 489 0\n(ULOC) 446\n-------------------------------------------------------------------------------\nCSV 4 63 0 0 63 0\n(ULOC) 63\n-------------------------------------------------------------------------------\nJSON 4 1721 0 0 1721 0\n(ULOC) 627\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 17 2386 113 0 2273 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1135\nDRYness % 0.48\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $63,977\nEstimated Schedule Effort (organic) 4.84 months\nEstimated People Required (organic) 1.17\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 152885 bytes, 0.153 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "predominant_langs": {}, - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "average_issue_resolution_time": [ - [ - "hospital-price-transparency", - "30 days 10:28:22.333333" - ] + "score": 2.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 7 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/8 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 93779, + "CodeBytes": 0, + "Lines": 602, + "Code": 489, + "Comment": 0, + "Blank": 113, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 15026, + "CodeBytes": 0, + "Lines": 63, + "Code": 63, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 44080, + "CodeBytes": 0, + "Lines": 1721, + "Code": 1721, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 58343.32031879614, + "estimatedScheduleMonths_low": 4.838418782264512, + "estimatedPeople_low": 1.17472765763647, + "estimatedCost_high": 181823.26783475187, + "estimatedScheduleMonths_high": 4.838418782264512, + "estimatedPeople_high": 1.17472765763647, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 9 602 113 0 489 0\n(ULOC) 446\n-------------------------------------------------------------------------------\nCSV 4 63 0 0 63 0\n(ULOC) 63\n-------------------------------------------------------------------------------\nJSON 4 1721 0 0 1721 0\n(ULOC) 627\n───────────────────────────────────────────────────────────────────────────────\nTotal 17 2386 113 0 2273 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1135\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $63,977\nEstimated Schedule Effort (organic) 4.84 months\nEstimated People Required (organic) 1.17\n───────────────────────────────────────────────────────────────────────────────\nProcessed 152885 bytes, 0.153 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "average_issue_resolution_time": [ + [ + "hospital-price-transparency", + "30 days 10:28:22.333333" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/hpt-tool/hpt-tool_data.json b/app/site/_data/CMSgov/hpt-tool/hpt-tool_data.json index bf3f963986..0fc30d799f 100644 --- a/app/site/_data/CMSgov/hpt-tool/hpt-tool_data.json +++ b/app/site/_data/CMSgov/hpt-tool/hpt-tool_data.json @@ -1,533 +1,533 @@ { - "url": "https://github.com/CMSgov/hpt-tool", - "owner": "CMSgov", - "name": "hpt-tool", - "description": "Validator tool for CMS Hospital Price Transparency machine-readable files", - "commits_count": 153, - "issues_count": 4, - "open_issues_count": 0, - "closed_issues_count": 4, - "pull_requests_count": 50, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 41, - "closed_pull_requests_count": 8, - "forks_count": 5, - "stargazers_count": 15, - "watchers_count": 11, - "total_project_lines": 2467, - "average_project_lines": 80, - "total_project_comment_lines": 55, - "average_project_comment_lines": 2, - "total_project_blank_lines": 208, - "average_blank_lines": 7, - "commits_by_month": { - "2025/1": 2, - "2024/12": 1, - "2024/11": 8, - "2024/10": 2, - "2024/9": 5, - "2024/8": 2, - "2024/7": 5, - "2024/6": 5 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-25T05:00:00.000Z", - 1 - ], - [ - "2024-11-04T06:00:00.000Z", - 1 - ], - [ - "2024-11-25T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/hpt-tool", + "owner": "CMSgov", + "name": "hpt-tool", + "description": "Validator tool for CMS Hospital Price Transparency machine-readable files", + "commits_count": 153, + "issues_count": 4, + "open_issues_count": 0, + "closed_issues_count": 4, + "pull_requests_count": 50, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 41, + "closed_pull_requests_count": 8, + "forks_count": 5, + "stargazers_count": 15, + "watchers_count": 11, + "total_project_lines": 2467, + "average_project_lines": 80, + "total_project_comment_lines": 55, + "average_project_comment_lines": 2, + "total_project_blank_lines": 208, + "average_blank_lines": 7, + "commits_by_month": { + "2025/1": 2, + "2024/12": 1, + "2024/11": 8, + "2024/10": 2, + "2024/9": 5, + "2024/8": 2, + "2024/7": 5, + "2024/6": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-25T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "created_at": "2023-04-27T14:28:36Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:09Z", - "repo": { - "name": "github.com/CMSgov/hpt-tool", - "commit": "94cc75c644aab43624bba1483f8c5a21170551f5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 4, - "reason": "Found 7/16 approved changesets -- score normalized to 4", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 4 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 3, - "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 1, - "reason": "dependency not pinned by hash detected -- score normalized to 1", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 10, - "reason": "GitHub workflow tokens follow principle of least privilege", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 4, - "reason": "6 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSX", - "Bytes": 58354, - "CodeBytes": 0, - "Lines": 1697, - "Code": 1558, - "Comment": 51, - "Blank": 88, - "Complexity": 77, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 9297, - "CodeBytes": 0, - "Lines": 247, - "Code": 165, - "Comment": 0, - "Blank": 82, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 3446, - "CodeBytes": 0, - "Lines": 100, - "Code": 100, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1368, - "CodeBytes": 0, - "Lines": 59, - "Code": 54, - "Comment": 1, - "Blank": 4, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 1254, - "CodeBytes": 0, - "Lines": 80, - "Code": 65, - "Comment": 2, - "Blank": 13, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1818, - "CodeBytes": 0, - "Lines": 60, - "Code": 60, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 6453, - "CodeBytes": 0, - "Lines": 84, - "Code": 80, - "Comment": 1, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1699, - "CodeBytes": 0, - "Lines": 84, - "Code": 66, - "Comment": 0, - "Blank": 18, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 54979.112448223284, - "estimatedScheduleMonths_low": 4.730444560701603, - "estimatedPeople_low": 1.1322576810153349, - "estimatedCost_high": 171338.92677633112, - "estimatedScheduleMonths_high": 4.730444560701603, - "estimatedPeople_high": 1.1322576810153349, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSX 13 1697 88 51 1558 77\n(ULOC) 1097\n-------------------------------------------------------------------------------\nMarkdown 6 247 82 0 165 0\n(ULOC) 148\n-------------------------------------------------------------------------------\nHTML 4 100 0 0 100 0\n(ULOC) 29\n-------------------------------------------------------------------------------\nJavaScript 4 59 4 1 54 0\n(ULOC) 50\n-------------------------------------------------------------------------------\nCSS 1 80 13 2 65 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nJSON 1 60 0 0 60 0\n(ULOC) 58\n-------------------------------------------------------------------------------\nSVG 1 84 3 1 80 0\n(ULOC) 70\n-------------------------------------------------------------------------------\nYAML 1 84 18 0 66 0\n(ULOC) 50\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 31 2411 208 55 2148 77\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1536\nDRYness % 0.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $60,288\nEstimated Schedule Effort (organic) 4.73 months\nEstimated People Required (organic) 1.13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 83689 bytes, 0.084 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-11-04T06:00:00.000Z", + 1 + ], + [ + "2024-11-25T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "created_at": "2023-04-27T14:28:36Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:09Z", + "repo": { + "name": "github.com/CMSgov/hpt-tool", + "commit": "94cc75c644aab43624bba1483f8c5a21170551f5" }, - "predominant_langs": { - "JavaScript": 59722, - "HTML": 3446, - "CSS": 1254 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "average_issue_resolution_time": [ - [ - "hpt-tool", - "77 days 20:16:14" - ] + "score": 6.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 4, + "reason": "Found 7/16 approved changesets -- score normalized to 4", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 4 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 3, + "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 1, + "reason": "dependency not pinned by hash detected -- score normalized to 1", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 10, + "reason": "GitHub workflow tokens follow principle of least privilege", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 4, + "reason": "6 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSX", + "Bytes": 58354, + "CodeBytes": 0, + "Lines": 1697, + "Code": 1558, + "Comment": 51, + "Blank": 88, + "Complexity": 77, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 9297, + "CodeBytes": 0, + "Lines": 247, + "Code": 165, + "Comment": 0, + "Blank": 82, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 3446, + "CodeBytes": 0, + "Lines": 100, + "Code": 100, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1368, + "CodeBytes": 0, + "Lines": 59, + "Code": 54, + "Comment": 1, + "Blank": 4, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 1254, + "CodeBytes": 0, + "Lines": 80, + "Code": 65, + "Comment": 2, + "Blank": 13, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1818, + "CodeBytes": 0, + "Lines": 60, + "Code": 60, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 6453, + "CodeBytes": 0, + "Lines": 84, + "Code": 80, + "Comment": 1, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1699, + "CodeBytes": 0, + "Lines": 84, + "Code": 66, + "Comment": 0, + "Blank": 18, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 54979.112448223284, + "estimatedScheduleMonths_low": 4.730444560701603, + "estimatedPeople_low": 1.1322576810153349, + "estimatedCost_high": 171338.92677633112, + "estimatedScheduleMonths_high": 4.730444560701603, + "estimatedPeople_high": 1.1322576810153349, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSX 13 1697 88 51 1558 77\n(ULOC) 1097\n-------------------------------------------------------------------------------\nMarkdown 6 247 82 0 165 0\n(ULOC) 148\n-------------------------------------------------------------------------------\nHTML 4 100 0 0 100 0\n(ULOC) 29\n-------------------------------------------------------------------------------\nJavaScript 4 59 4 1 54 0\n(ULOC) 50\n-------------------------------------------------------------------------------\nCSS 1 80 13 2 65 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nJSON 1 60 0 0 60 0\n(ULOC) 58\n-------------------------------------------------------------------------------\nSVG 1 84 3 1 80 0\n(ULOC) 70\n-------------------------------------------------------------------------------\nYAML 1 84 18 0 66 0\n(ULOC) 50\n───────────────────────────────────────────────────────────────────────────────\nTotal 31 2411 208 55 2148 77\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1536\nDRYness % 0.64\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $60,288\nEstimated Schedule Effort (organic) 4.73 months\nEstimated People Required (organic) 1.13\n───────────────────────────────────────────────────────────────────────────────\nProcessed 83689 bytes, 0.084 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 59722, + "HTML": 3446, + "CSS": 1254 + }, + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "average_issue_resolution_time": [ + [ + "hpt-tool", + "77 days 20:16:14" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@babel/core", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@babel/eslint-parser", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@babel/preset-env", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@babel/preset-react", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@rollup/plugin-babel", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@trussworks/react-uswds", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@types/papaparse", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "@uswds/uswds", + 0.2054794521, + "2025-01-03T07:14:42.000" + ], + [ + "@vitejs/plugin-react", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "buffer", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "classnames", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "clipboard", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "eslint", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "eslint-config-prettier", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "eslint-plugin-prettier", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "eslint-plugin-react", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "esm", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "hpt-validator", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "jsdom", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "prettier", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "prettier-eslint", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "prop-types", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "react", + 0.6109589041, + "2025-01-03T07:14:42.000" + ], + [ + "react-dom", + 0.6109589041, + "2025-01-03T07:14:42.000" + ], + [ + "validator", + 0.0, + "2025-01-03T07:14:42.000" + ], + [ + "vite", + 0.2191780822, + "2025-01-03T07:14:42.000" ], - "repo_dependency_libyear_list": [ - [ - "@babel/core", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@babel/eslint-parser", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@babel/preset-env", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@babel/preset-react", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@rollup/plugin-babel", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@trussworks/react-uswds", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@types/papaparse", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "@uswds/uswds", - 0.2054794521, - "2025-01-03T07:14:42.000" - ], - [ - "@vitejs/plugin-react", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "buffer", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "classnames", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "clipboard", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "eslint", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "eslint-config-prettier", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "eslint-plugin-prettier", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "eslint-plugin-react", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "esm", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "hpt-validator", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "jsdom", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "prettier", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "prettier-eslint", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "prop-types", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "react", - 0.6109589041, - "2025-01-03T07:14:42.000" - ], - [ - "react-dom", - 0.6109589041, - "2025-01-03T07:14:42.000" - ], - [ - "validator", - 0.0, - "2025-01-03T07:14:42.000" - ], - [ - "vite", - 0.2191780822, - "2025-01-03T07:14:42.000" - ], - [ - "vitest", - 0.0383561644, - "2025-01-03T07:14:42.000" - ] + [ + "vitest", + 0.0383561644, + "2025-01-03T07:14:42.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/hpt-validator-cli/hpt-validator-cli_data.json b/app/site/_data/CMSgov/hpt-validator-cli/hpt-validator-cli_data.json index 31293a7ebd..3bb5635ff5 100644 --- a/app/site/_data/CMSgov/hpt-validator-cli/hpt-validator-cli_data.json +++ b/app/site/_data/CMSgov/hpt-validator-cli/hpt-validator-cli_data.json @@ -1,417 +1,417 @@ { - "url": "https://github.com/CMSgov/hpt-validator-cli", - "owner": "CMSgov", - "name": "hpt-validator-cli", - "description": "CLI for validating CMS Hospital Price Transparency machine-readable files", - "commits_count": 59, - "issues_count": 6, - "open_issues_count": 1, - "closed_issues_count": 5, - "pull_requests_count": 26, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 18, - "closed_pull_requests_count": 7, - "forks_count": 5, - "stargazers_count": 5, - "watchers_count": 11, - "total_project_lines": 574, - "average_project_lines": 44, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 126, - "average_blank_lines": 10, - "commits_by_month": { - "2025/1": 4, - "2024/11": 6, - "2024/10": 7, - "2024/9": 3, - "2024/8": 2, - "2024/7": 2, - "2024/6": 4, - "2024/5": 2 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-03T05:00:00.000Z", - 2 - ], - [ - "2024-10-29T05:00:00.000Z", - 1 - ], - [ - "2024-11-04T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/hpt-validator-cli", + "owner": "CMSgov", + "name": "hpt-validator-cli", + "description": "CLI for validating CMS Hospital Price Transparency machine-readable files", + "commits_count": 59, + "issues_count": 6, + "open_issues_count": 1, + "closed_issues_count": 5, + "pull_requests_count": 26, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 18, + "closed_pull_requests_count": 7, + "forks_count": 5, + "stargazers_count": 5, + "watchers_count": 11, + "total_project_lines": 574, + "average_project_lines": 44, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 126, + "average_blank_lines": 10, + "commits_by_month": { + "2025/1": 4, + "2024/11": 6, + "2024/10": 7, + "2024/9": 3, + "2024/8": 2, + "2024/7": 2, + "2024/6": 4, + "2024/5": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-03T05:00:00.000Z", + 2 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2025-01-11T06:00:00.000Z", - 1 - ] + [ + "2024-10-29T05:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2023-04-27T14:29:33Z", - "ossf_scorecard": { - "date": "2025-02-23T16:38:58Z", - "repo": { - "name": "github.com/CMSgov/hpt-validator-cli", - "commit": "7cb5752798077a529d2f889e8905b3c6879e6e63" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 7/26 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 3, - "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 2, - "reason": "dependency not pinned by hash detected -- score normalized to 2", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11000, - "CodeBytes": 0, - "Lines": 290, - "Code": 195, - "Comment": 0, - "Blank": 95, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1485, - "CodeBytes": 0, - "Lines": 52, - "Code": 52, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 3319, - "CodeBytes": 0, - "Lines": 139, - "Code": 122, - "Comment": 0, - "Blank": 17, - "Complexity": 27, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1032, - "CodeBytes": 0, - "Lines": 52, - "Code": 40, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 974, - "CodeBytes": 0, - "Lines": 41, - "Code": 39, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 10602.386900453765, - "estimatedScheduleMonths_low": 2.5309304337011334, - "estimatedPeople_low": 0.40810597035911883, - "estimatedCost_high": 33041.66822449105, - "estimatedScheduleMonths_high": 2.5309304337011334, - "estimatedPeople_high": 0.40810597035911883, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 6 290 95 0 195 0\n(ULOC) 171\n-------------------------------------------------------------------------------\nJSON 2 52 0 0 52 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nTypeScript 2 139 17 0 122 27\n(ULOC) 103\n-------------------------------------------------------------------------------\nYAML 2 52 12 0 40 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nJavaScript 1 41 2 0 39 0\n(ULOC) 36\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 13 574 126 0 448 27\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 384\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $11,626\nEstimated Schedule Effort (organic) 2.53 months\nEstimated People Required (organic) 0.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 17810 bytes, 0.018 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-11-04T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2025-01-11T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2023-04-27T14:29:33Z", + "ossf_scorecard": { + "date": "2025-02-23T16:38:58Z", + "repo": { + "name": "github.com/CMSgov/hpt-validator-cli", + "commit": "7cb5752798077a529d2f889e8905b3c6879e6e63" }, - "predominant_langs": { - "TypeScript": 2385, - "JavaScript": 1908 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "hpt-validator-cli", - "40 days 20:21:32.8" - ] + "score": 5.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 7/26 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 3, + "reason": "4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 2, + "reason": "dependency not pinned by hash detected -- score normalized to 2", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11000, + "CodeBytes": 0, + "Lines": 290, + "Code": 195, + "Comment": 0, + "Blank": 95, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1485, + "CodeBytes": 0, + "Lines": 52, + "Code": 52, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 3319, + "CodeBytes": 0, + "Lines": 139, + "Code": 122, + "Comment": 0, + "Blank": 17, + "Complexity": 27, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1032, + "CodeBytes": 0, + "Lines": 52, + "Code": 40, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 974, + "CodeBytes": 0, + "Lines": 41, + "Code": 39, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 10602.386900453765, + "estimatedScheduleMonths_low": 2.5309304337011334, + "estimatedPeople_low": 0.40810597035911883, + "estimatedCost_high": 33041.66822449105, + "estimatedScheduleMonths_high": 2.5309304337011334, + "estimatedPeople_high": 0.40810597035911883, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 6 290 95 0 195 0\n(ULOC) 171\n-------------------------------------------------------------------------------\nJSON 2 52 0 0 52 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nTypeScript 2 139 17 0 122 27\n(ULOC) 103\n-------------------------------------------------------------------------------\nYAML 2 52 12 0 40 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nJavaScript 1 41 2 0 39 0\n(ULOC) 36\n───────────────────────────────────────────────────────────────────────────────\nTotal 13 574 126 0 448 27\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 384\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $11,626\nEstimated Schedule Effort (organic) 2.53 months\nEstimated People Required (organic) 0.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 17810 bytes, 0.018 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 2385, + "JavaScript": 1908 + }, + "average_issue_resolution_time": [ + [ + "hpt-validator-cli", + "40 days 20:21:32.8" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@stylistic/eslint-plugin-js", + 0.3945205479, + "2025-03-01T04:32:37.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 0.3561643836, + "2025-03-01T04:32:37.000" + ], + [ + "@typescript-eslint/parser", + 0.3561643836, + "2025-03-01T04:32:37.000" + ], + [ + "chalk", + 0.0, + "2025-03-01T04:32:37.000" + ], + [ + "commander", + 0.6767123288, + "2025-03-01T04:32:37.000" + ], + [ + "eslint", + 0.0, + "2025-03-01T04:32:37.000" + ], + [ + "eslint-config-prettier", + 1.2383561644, + "2025-03-01T04:32:37.000" + ], + [ + "eslint-plugin-prettier", + 0.0, + "2025-03-01T04:32:37.000" + ], + [ + "esm", + 0.0, + "2025-03-01T04:32:37.000" + ], + [ + "hpt-validator", + 0.0, + "2025-03-01T04:32:37.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T04:32:37.000" + ], + [ + "ts-node", + 0.0, + "2025-03-01T04:32:37.000" ], - "repo_dependency_libyear_list": [ - [ - "@stylistic/eslint-plugin-js", - 0.3945205479, - "2025-03-01T04:32:37.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 0.3561643836, - "2025-03-01T04:32:37.000" - ], - [ - "@typescript-eslint/parser", - 0.3561643836, - "2025-03-01T04:32:37.000" - ], - [ - "chalk", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "commander", - 0.6767123288, - "2025-03-01T04:32:37.000" - ], - [ - "eslint", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "eslint-config-prettier", - 1.2383561644, - "2025-03-01T04:32:37.000" - ], - [ - "eslint-plugin-prettier", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "esm", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "hpt-validator", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "ts-node", - 0.0, - "2025-03-01T04:32:37.000" - ], - [ - "typescript", - -0.002739726, - "2025-03-01T04:32:37.000" - ] + [ + "typescript", + -0.002739726, + "2025-03-01T04:32:37.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/hpt-validator-tool/hpt-validator-tool_data.json b/app/site/_data/CMSgov/hpt-validator-tool/hpt-validator-tool_data.json index b76c94b1e6..ca60fba6c4 100644 --- a/app/site/_data/CMSgov/hpt-validator-tool/hpt-validator-tool_data.json +++ b/app/site/_data/CMSgov/hpt-validator-tool/hpt-validator-tool_data.json @@ -1,405 +1,405 @@ { - "url": "https://github.com/CMSgov/hpt-validator-tool", - "owner": "CMSgov", - "name": "hpt-validator-tool", - "description": null, - "commits_count": 4, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 50, - "average_project_lines": 17, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 11, - "average_blank_lines": 4, - "commits_by_month": { - "2024/5": 1, - "2023/12": 3 + "url": "https://github.com/CMSgov/hpt-validator-tool", + "owner": "CMSgov", + "name": "hpt-validator-tool", + "description": null, + "commits_count": 4, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 50, + "average_project_lines": 17, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 11, + "average_blank_lines": 4, + "commits_by_month": { + "2024/5": 1, + "2023/12": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2023-12-08T14:26:24Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:21Z", + "repo": { + "name": "github.com/CMSgov/hpt-validator-tool", + "commit": "9dd369f1700a5a0cdd2bd7f6f0e4b026d6fb61b9" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2023-12-08T14:26:24Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:21Z", - "repo": { - "name": "github.com/CMSgov/hpt-validator-tool", - "commit": "9dd369f1700a5a0cdd2bd7f6f0e4b026d6fb61b9" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/4 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 1661, - "CodeBytes": 0, - "Lines": 37, - "Code": 26, - "Comment": 0, - "Blank": 11, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 350, - "CodeBytes": 0, - "Lines": 13, - "Code": 13, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 816.9200797237463, - "estimatedScheduleMonths_low": 0.9555536125664593, - "estimatedPeople_low": 0.08328638656948481, - "estimatedCost_high": 2545.879762131825, - "estimatedScheduleMonths_high": 0.9555536125664593, - "estimatedPeople_high": 0.08328638656948481, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 2 37 11 0 26 0\n(ULOC) 27\n-------------------------------------------------------------------------------\nHTML 1 13 0 0 13 0\n(ULOC) 13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 3 50 11 0 39 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 40\nDRYness % 0.80\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $895\nEstimated Schedule Effort (organic) 0.96 months\nEstimated People Required (organic) 0.08\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2011 bytes, 0.002 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [ - [ - "hpt-validator-tool", - "1 day 13:24:28" - ] + "score": 2.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/4 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 1661, + "CodeBytes": 0, + "Lines": 37, + "Code": 26, + "Comment": 0, + "Blank": 11, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 350, + "CodeBytes": 0, + "Lines": 13, + "Code": 13, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 816.9200797237463, + "estimatedScheduleMonths_low": 0.9555536125664593, + "estimatedPeople_low": 0.08328638656948481, + "estimatedCost_high": 2545.879762131825, + "estimatedScheduleMonths_high": 0.9555536125664593, + "estimatedPeople_high": 0.08328638656948481, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 2 37 11 0 26 0\n(ULOC) 27\n-------------------------------------------------------------------------------\nHTML 1 13 0 0 13 0\n(ULOC) 13\n───────────────────────────────────────────────────────────────────────────────\nTotal 3 50 11 0 39 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 40\nDRYness % 0.80\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $895\nEstimated Schedule Effort (organic) 0.96 months\nEstimated People Required (organic) 0.08\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2011 bytes, 0.002 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [ + [ + "hpt-validator-tool", + "1 day 13:24:28" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@babel/core", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "@babel/eslint-parser", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "@babel/preset-env", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "@babel/preset-react", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "@rollup/plugin-babel", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "@trussworks/react-uswds", + 0.602739726, + "2023-12-14T20:13:00.000" + ], + [ + "@types/papaparse", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "@uswds/uswds", + 1.3424657534, + "2023-12-14T20:13:00.000" + ], + [ + "@vitejs/plugin-react", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "buffer", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "classnames", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "clipboard", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "eslint", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "eslint-config-prettier", + 0.3315068493, + "2023-12-14T20:13:00.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "eslint-plugin-prettier", + 1.2794520548, + "2023-12-14T20:13:00.000" + ], + [ + "eslint-plugin-react", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "esm", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "hpt-validator", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "prettier", + 0.6328767123, + "2023-12-14T20:13:00.000" + ], + [ + "prettier-eslint", + 1.4219178082, + "2023-12-14T20:13:00.000" + ], + [ + "prop-types", + 0.0, + "2023-12-14T20:13:00.000" + ], + [ + "react", + -1.4931506849, + "2023-12-14T20:13:00.000" + ], + [ + "react-dom", + -1.4931506849, + "2023-12-14T20:13:00.000" ], - "repo_dependency_libyear_list": [ - [ - "@babel/core", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "@babel/eslint-parser", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "@babel/preset-env", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "@babel/preset-react", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "@rollup/plugin-babel", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "@trussworks/react-uswds", - 0.602739726, - "2023-12-14T20:13:00.000" - ], - [ - "@types/papaparse", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "@uswds/uswds", - 1.3424657534, - "2023-12-14T20:13:00.000" - ], - [ - "@vitejs/plugin-react", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "buffer", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "classnames", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "clipboard", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "eslint", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "eslint-config-prettier", - 0.3315068493, - "2023-12-14T20:13:00.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "eslint-plugin-prettier", - 1.2794520548, - "2023-12-14T20:13:00.000" - ], - [ - "eslint-plugin-react", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "esm", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "hpt-validator", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "prettier", - 0.6328767123, - "2023-12-14T20:13:00.000" - ], - [ - "prettier-eslint", - 1.4219178082, - "2023-12-14T20:13:00.000" - ], - [ - "prop-types", - 0.0, - "2023-12-14T20:13:00.000" - ], - [ - "react", - -1.4931506849, - "2023-12-14T20:13:00.000" - ], - [ - "react-dom", - -1.4931506849, - "2023-12-14T20:13:00.000" - ], - [ - "vite", - 0.0273972603, - "2023-12-14T20:13:00.000" - ] + [ + "vite", + 0.0273972603, + "2023-12-14T20:13:00.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/hpt-validator/hpt-validator_data.json b/app/site/_data/CMSgov/hpt-validator/hpt-validator_data.json index 8022ee5e36..a4c8762ef9 100644 --- a/app/site/_data/CMSgov/hpt-validator/hpt-validator_data.json +++ b/app/site/_data/CMSgov/hpt-validator/hpt-validator_data.json @@ -1,488 +1,488 @@ { - "url": "https://github.com/CMSgov/hpt-validator", - "owner": "CMSgov", - "name": "hpt-validator", - "description": "Validation library for CMS Hospital Price Transparency machine-readable files", - "commits_count": 165, - "issues_count": 6, - "open_issues_count": 0, - "closed_issues_count": 6, - "pull_requests_count": 59, - "open_pull_requests_count": 4, - "merged_pull_requests_count": 48, - "closed_pull_requests_count": 7, - "forks_count": 6, - "stargazers_count": 4, - "watchers_count": 10, - "total_project_lines": 8784, - "average_project_lines": 142, - "total_project_comment_lines": 213, - "average_project_comment_lines": 3, - "total_project_blank_lines": 388, - "average_blank_lines": 6, - "commits_by_month": { - "2024/11": 2, - "2024/10": 1, - "2024/9": 2, - "2024/8": 4, - "2024/7": 5, - "2024/6": 12, - "2024/5": 4 + "url": "https://github.com/CMSgov/hpt-validator", + "owner": "CMSgov", + "name": "hpt-validator", + "description": "Validation library for CMS Hospital Price Transparency machine-readable files", + "commits_count": 165, + "issues_count": 6, + "open_issues_count": 0, + "closed_issues_count": 6, + "pull_requests_count": 59, + "open_pull_requests_count": 4, + "merged_pull_requests_count": 48, + "closed_pull_requests_count": 7, + "forks_count": 6, + "stargazers_count": 4, + "watchers_count": 10, + "total_project_lines": 8784, + "average_project_lines": 142, + "total_project_comment_lines": 213, + "average_project_comment_lines": 3, + "total_project_blank_lines": 388, + "average_blank_lines": 6, + "commits_by_month": { + "2024/11": 2, + "2024/10": 1, + "2024/9": 2, + "2024/8": 4, + "2024/7": 5, + "2024/6": 12, + "2024/5": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-19T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-11-13T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2023-04-27T14:26:38Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:18Z", + "repo": { + "name": "github.com/CMSgov/hpt-validator", + "commit": "a9d249388cb591703e4d1f7d9a4e216f32661558" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-19T05:00:00.000Z", - 1 - ] + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" + }, + "score": 5.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "19 out of 19 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 5, + "reason": "Found 12/24 approved changesets -- score normalized to 5", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 2, + "reason": "dependency not pinned by hash detected -- score normalized to 2", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-11-13T06:00:00.000Z", - 1 - ] + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 186801, + "CodeBytes": 0, + "Lines": 6098, + "Code": 5600, + "Comment": 213, + "Blank": 285, + "Complexity": 524, + "Count": 23, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 72154, + "CodeBytes": 0, + "Lines": 2177, + "Code": 2176, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 17, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 43681, + "CodeBytes": 0, + "Lines": 158, + "Code": 158, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 9692, + "CodeBytes": 0, + "Lines": 254, + "Code": 168, + "Comment": 0, + "Blank": 86, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1121, + "CodeBytes": 0, + "Lines": 59, + "Code": 46, + "Comment": 0, + "Blank": 13, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1009, + "CodeBytes": 0, + "Lines": 38, + "Code": 35, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2023-04-27T14:26:38Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:18Z", - "repo": { - "name": "github.com/CMSgov/hpt-validator", - "commit": "a9d249388cb591703e4d1f7d9a4e216f32661558" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "19 out of 19 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 5, - "reason": "Found 12/24 approved changesets -- score normalized to 5", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 2, - "reason": "dependency not pinned by hash detected -- score normalized to 2", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 186801, - "CodeBytes": 0, - "Lines": 6098, - "Code": 5600, - "Comment": 213, - "Blank": 285, - "Complexity": 524, - "Count": 23, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 72154, - "CodeBytes": 0, - "Lines": 2177, - "Code": 2176, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 17, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 43681, - "CodeBytes": 0, - "Lines": 158, - "Code": 158, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 9692, - "CodeBytes": 0, - "Lines": 254, - "Code": 168, - "Comment": 0, - "Blank": 86, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1121, - "CodeBytes": 0, - "Lines": 59, - "Code": 46, - "Comment": 0, - "Blank": 13, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1009, - "CodeBytes": 0, - "Lines": 38, - "Code": 35, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 223933.93539346402, - "estimatedScheduleMonths_low": 8.066263193066664, - "estimatedPeople_low": 2.7045625620069673, - "estimatedCost_high": 697875.9468925606, - "estimatedScheduleMonths_high": 8.066263193066664, - "estimatedPeople_high": 2.7045625620069673, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 23 6098 285 213 5600 524\n(ULOC) 2612\n-------------------------------------------------------------------------------\nJSON 17 2177 1 0 2176 0\n(ULOC) 237\n-------------------------------------------------------------------------------\nCSV 13 158 0 0 158 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nMarkdown 6 254 86 0 168 0\n(ULOC) 149\n-------------------------------------------------------------------------------\nYAML 2 59 13 0 46 0\n(ULOC) 38\n-------------------------------------------------------------------------------\nJavaScript 1 38 3 0 35 0\n(ULOC) 35\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 62 8784 388 213 8183 524\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3147\nDRYness % 0.36\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $245,557\nEstimated Schedule Effort (organic) 8.07 months\nEstimated People Required (organic) 2.70\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 314458 bytes, 0.314 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "TypeScript": 186801, - "JavaScript": 1009 - }, - "average_issue_resolution_time": [ - [ - "hpt-validator", - "12 days 17:49:15.5" - ] + "estimatedCost_low": 223933.93539346402, + "estimatedScheduleMonths_low": 8.066263193066664, + "estimatedPeople_low": 2.7045625620069673, + "estimatedCost_high": 697875.9468925606, + "estimatedScheduleMonths_high": 8.066263193066664, + "estimatedPeople_high": 2.7045625620069673, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 23 6098 285 213 5600 524\n(ULOC) 2612\n-------------------------------------------------------------------------------\nJSON 17 2177 1 0 2176 0\n(ULOC) 237\n-------------------------------------------------------------------------------\nCSV 13 158 0 0 158 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nMarkdown 6 254 86 0 168 0\n(ULOC) 149\n-------------------------------------------------------------------------------\nYAML 2 59 13 0 46 0\n(ULOC) 38\n-------------------------------------------------------------------------------\nJavaScript 1 38 3 0 35 0\n(ULOC) 35\n───────────────────────────────────────────────────────────────────────────────\nTotal 62 8784 388 213 8183 524\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3147\nDRYness % 0.36\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $245,557\nEstimated Schedule Effort (organic) 8.07 months\nEstimated People Required (organic) 2.70\n───────────────────────────────────────────────────────────────────────────────\nProcessed 314458 bytes, 0.314 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 186801, + "JavaScript": 1009 + }, + "average_issue_resolution_time": [ + [ + "hpt-validator", + "12 days 17:49:15.5" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@streamparser/json", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "@types/node", + -0.002739726, + "2025-03-01T04:36:24.000" + ], + [ + "@types/node", + 0.7424657534, + "2024-08-25T01:17:58.000" + ], + [ + "@types/papaparse", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "@types/papaparse", + 0.1726027397, + "2024-08-25T01:17:58.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 0.3561643836, + "2025-03-01T04:36:24.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 0.5342465753, + "2024-08-25T01:17:58.000" + ], + [ + "@typescript-eslint/parser", + 0.3561643836, + "2025-03-01T04:36:24.000" + ], + [ + "@typescript-eslint/parser", + 0.5342465753, + "2024-08-25T01:17:58.000" + ], + [ + "ajv", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "ajv-formats", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "ajv-formats", + 2.6273972603, + "2024-08-25T01:17:58.000" + ], + [ + "ava", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "ava", + 0.8876712329, + "2024-08-25T01:17:58.000" + ], + [ + "eslint", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "eslint", + 0.495890411, + "2024-08-25T01:17:58.000" + ], + [ + "eslint-config-prettier", + 0.0, + "2024-08-25T01:17:58.000" + ], + [ + "eslint-config-prettier", + 1.2383561644, + "2025-03-01T04:36:24.000" + ], + [ + "eslint-plugin-prettier", + 0.0, + "2024-08-25T01:17:58.000" + ], + [ + "esm", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "npx", + 0.0, + "2024-08-25T01:17:58.000" + ], + [ + "papaparse", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "ts-node", + 0.0, + "2025-03-01T04:36:24.000" + ], + [ + "typescript", + -0.0904109589, + "2024-08-25T01:17:58.000" ], - "repo_dependency_libyear_list": [ - [ - "@streamparser/json", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "@types/node", - -0.002739726, - "2025-03-01T04:36:24.000" - ], - [ - "@types/node", - 0.7424657534, - "2024-08-25T01:17:58.000" - ], - [ - "@types/papaparse", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "@types/papaparse", - 0.1726027397, - "2024-08-25T01:17:58.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 0.3561643836, - "2025-03-01T04:36:24.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 0.5342465753, - "2024-08-25T01:17:58.000" - ], - [ - "@typescript-eslint/parser", - 0.3561643836, - "2025-03-01T04:36:24.000" - ], - [ - "@typescript-eslint/parser", - 0.5342465753, - "2024-08-25T01:17:58.000" - ], - [ - "ajv", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "ajv-formats", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "ajv-formats", - 2.6273972603, - "2024-08-25T01:17:58.000" - ], - [ - "ava", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "ava", - 0.8876712329, - "2024-08-25T01:17:58.000" - ], - [ - "eslint", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "eslint", - 0.495890411, - "2024-08-25T01:17:58.000" - ], - [ - "eslint-config-prettier", - 0.0, - "2024-08-25T01:17:58.000" - ], - [ - "eslint-config-prettier", - 1.2383561644, - "2025-03-01T04:36:24.000" - ], - [ - "eslint-plugin-prettier", - 0.0, - "2024-08-25T01:17:58.000" - ], - [ - "esm", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "npx", - 0.0, - "2024-08-25T01:17:58.000" - ], - [ - "papaparse", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "ts-node", - 0.0, - "2025-03-01T04:36:24.000" - ], - [ - "typescript", - -0.0904109589, - "2024-08-25T01:17:58.000" - ], - [ - "typescript", - 0.0, - "2025-03-01T04:36:24.000" - ] + [ + "typescript", + 0.0, + "2025-03-01T04:36:24.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/httpie-edgegrid/httpie-edgegrid_data.json b/app/site/_data/CMSgov/httpie-edgegrid/httpie-edgegrid_data.json index ef466e8fa8..185ca3043b 100644 --- a/app/site/_data/CMSgov/httpie-edgegrid/httpie-edgegrid_data.json +++ b/app/site/_data/CMSgov/httpie-edgegrid/httpie-edgegrid_data.json @@ -1,329 +1,329 @@ { - "url": "https://github.com/CMSgov/httpie-edgegrid", - "owner": "CMSgov", - "name": "httpie-edgegrid", - "description": "Plugin for httpie to allow edge grid authentication for Akamai", - "commits_count": 34, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 2, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 503, - "average_project_lines": 84, - "total_project_comment_lines": 27, - "average_project_comment_lines": 5, - "total_project_blank_lines": 90, - "average_blank_lines": 15, - "commits_by_month": { - "2016/6": 2, - "2016/2": 2, - "2016/1": 2, - "2015/10": 1, - "2015/9": 1, - "2015/8": 2, - "2015/7": 6, - "2015/6": 13, - "2013/9": 1 + "url": "https://github.com/CMSgov/httpie-edgegrid", + "owner": "CMSgov", + "name": "httpie-edgegrid", + "description": "Plugin for httpie to allow edge grid authentication for Akamai", + "commits_count": 34, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 2, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 503, + "average_project_lines": 84, + "total_project_comment_lines": 27, + "average_project_comment_lines": 5, + "total_project_blank_lines": 90, + "average_blank_lines": 15, + "commits_by_month": { + "2016/6": 2, + "2016/2": 2, + "2016/1": 2, + "2015/10": 1, + "2015/9": 1, + "2015/8": 2, + "2015/7": 6, + "2015/6": 13, + "2013/9": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2017-06-27T18:24:25Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:50Z", + "repo": { + "name": "github.com/CMSgov/httpie-edgegrid", + "commit": "e494e09e21be617d778f6e6fd2ebbdf97f26bc2a" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2017-06-27T18:24:25Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:50Z", - "repo": { - "name": "github.com/CMSgov/httpie-edgegrid", - "commit": "e494e09e21be617d778f6e6fd2ebbdf97f26bc2a" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Python", - "Bytes": 7851, - "CodeBytes": 0, - "Lines": 249, - "Code": 184, - "Comment": 27, - "Blank": 38, - "Complexity": 24, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Autoconf", - "Bytes": 22, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11324, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "ReStructuredText", - "Bytes": 1194, - "CodeBytes": 0, - "Lines": 52, - "Code": 32, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9067.308739285427, - "estimatedScheduleMonths_low": 2.3848914416374694, - "estimatedPeople_low": 0.37039003726280273, - "estimatedCost_high": 28257.6942216356, - "estimatedScheduleMonths_high": 2.3848914416374694, - "estimatedPeople_high": 0.37039003726280273, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPython 3 249 38 27 184 24\n(ULOC) 197\n-------------------------------------------------------------------------------\nAutoconf 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nReStructuredText 1 52 20 0 32 0\n(ULOC) 25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 503 90 27 386 24\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 389\nDRYness % 0.77\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,942\nEstimated Schedule Effort (organic) 2.38 months\nEstimated People Required (organic) 0.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 20391 bytes, 0.020 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Python": 7851 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "edgegrid-python", - 0.0, - "2025-03-01T04:26:55.000" - ], - [ - "httpie", - 0.0, - "2025-03-01T04:26:55.000" - ], - [ - "pyOpenSSL", - 0.0, - "2025-03-01T04:26:55.000" - ] + "score": 2.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Python", + "Bytes": 7851, + "CodeBytes": 0, + "Lines": 249, + "Code": 184, + "Comment": 27, + "Blank": 38, + "Complexity": 24, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Autoconf", + "Bytes": 22, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11324, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "ReStructuredText", + "Bytes": 1194, + "CodeBytes": 0, + "Lines": 52, + "Code": 32, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9067.308739285427, + "estimatedScheduleMonths_low": 2.3848914416374694, + "estimatedPeople_low": 0.37039003726280273, + "estimatedCost_high": 28257.6942216356, + "estimatedScheduleMonths_high": 2.3848914416374694, + "estimatedPeople_high": 0.37039003726280273, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPython 3 249 38 27 184 24\n(ULOC) 197\n-------------------------------------------------------------------------------\nAutoconf 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nReStructuredText 1 52 20 0 32 0\n(ULOC) 25\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 503 90 27 386 24\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 389\nDRYness % 0.77\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,942\nEstimated Schedule Effort (organic) 2.38 months\nEstimated People Required (organic) 0.37\n───────────────────────────────────────────────────────────────────────────────\nProcessed 20391 bytes, 0.020 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 7851 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "edgegrid-python", + 0.0, + "2025-03-01T04:26:55.000" + ], + [ + "httpie", + 0.0, + "2025-03-01T04:26:55.000" + ], + [ + "pyOpenSSL", + 0.0, + "2025-03-01T04:26:55.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/inspec-k8s-node/inspec-k8s-node_data.json b/app/site/_data/CMSgov/inspec-k8s-node/inspec-k8s-node_data.json index c2257dc9dc..7e4b677679 100644 --- a/app/site/_data/CMSgov/inspec-k8s-node/inspec-k8s-node_data.json +++ b/app/site/_data/CMSgov/inspec-k8s-node/inspec-k8s-node_data.json @@ -1,290 +1,290 @@ { - "url": "https://github.com/CMSgov/inspec-k8s-node", - "owner": "CMSgov", - "name": "inspec-k8s-node", - "description": null, - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 16, - "total_project_lines": 517, - "average_project_lines": 43, - "total_project_comment_lines": 18, - "average_project_comment_lines": 2, - "total_project_blank_lines": 112, - "average_blank_lines": 9, - "commits_by_month": { - "2022/3": 1 + "url": "https://github.com/CMSgov/inspec-k8s-node", + "owner": "CMSgov", + "name": "inspec-k8s-node", + "description": null, + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 16, + "total_project_lines": 517, + "average_project_lines": 43, + "total_project_comment_lines": 18, + "average_project_comment_lines": 2, + "total_project_blank_lines": 112, + "average_blank_lines": 9, + "commits_by_month": { + "2022/3": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2022-03-08T17:56:25Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:25Z", + "repo": { + "name": "github.com/CMSgov/inspec-k8s-node", + "commit": "a3e6144decdf5f29abc1b26607cd99bc19f3d4b1" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2022-03-08T17:56:25Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:25Z", - "repo": { - "name": "github.com/CMSgov/inspec-k8s-node", - "commit": "a3e6144decdf5f29abc1b26607cd99bc19f3d4b1" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Ruby", - "Bytes": 9511, - "CodeBytes": 0, - "Lines": 365, - "Code": 276, - "Comment": 18, - "Blank": 71, - "Complexity": 32, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 2915, - "CodeBytes": 0, - "Lines": 140, - "Code": 100, - "Comment": 0, - "Blank": 40, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 463, - "CodeBytes": 0, - "Lines": 12, - "Code": 11, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9091.975294453812, - "estimatedScheduleMonths_low": 2.3873547367452197, - "estimatedPeople_low": 0.37101442854661093, - "estimatedCost_high": 28334.565980775045, - "estimatedScheduleMonths_high": 2.3873547367452197, - "estimatedPeople_high": 0.37101442854661093, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nRuby 10 365 71 18 276 32\n(ULOC) 171\n-------------------------------------------------------------------------------\nMarkdown 1 140 40 0 100 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nYAML 1 12 1 0 11 0\n(ULOC) 12\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 12 517 112 18 387 32\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 238\nDRYness % 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,969\nEstimated Schedule Effort (organic) 2.39 months\nEstimated People Required (organic) 0.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 12889 bytes, 0.013 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Ruby": 9511 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Ruby", + "Bytes": 9511, + "CodeBytes": 0, + "Lines": 365, + "Code": 276, + "Comment": 18, + "Blank": 71, + "Complexity": 32, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 2915, + "CodeBytes": 0, + "Lines": 140, + "Code": 100, + "Comment": 0, + "Blank": 40, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 463, + "CodeBytes": 0, + "Lines": 12, + "Code": 11, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9091.975294453812, + "estimatedScheduleMonths_low": 2.3873547367452197, + "estimatedPeople_low": 0.37101442854661093, + "estimatedCost_high": 28334.565980775045, + "estimatedScheduleMonths_high": 2.3873547367452197, + "estimatedPeople_high": 0.37101442854661093, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 10 365 71 18 276 32\n(ULOC) 171\n-------------------------------------------------------------------------------\nMarkdown 1 140 40 0 100 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nYAML 1 12 1 0 11 0\n(ULOC) 12\n───────────────────────────────────────────────────────────────────────────────\nTotal 12 517 112 18 387 32\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 238\nDRYness % 0.46\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,969\nEstimated Schedule Effort (organic) 2.39 months\nEstimated People Required (organic) 0.37\n───────────────────────────────────────────────────────────────────────────────\nProcessed 12889 bytes, 0.013 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 9511 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/k8s-cluster-stig-baseline/k8s-cluster-stig-baseline_data.json b/app/site/_data/CMSgov/k8s-cluster-stig-baseline/k8s-cluster-stig-baseline_data.json index 0b1d479473..1125a38a90 100644 --- a/app/site/_data/CMSgov/k8s-cluster-stig-baseline/k8s-cluster-stig-baseline_data.json +++ b/app/site/_data/CMSgov/k8s-cluster-stig-baseline/k8s-cluster-stig-baseline_data.json @@ -1,306 +1,306 @@ { - "url": "https://github.com/CMSgov/k8s-cluster-stig-baseline", - "owner": "CMSgov", - "name": "k8s-cluster-stig-baseline", - "description": null, - "commits_count": 2, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 2, - "stargazers_count": 2, - "watchers_count": 16, - "total_project_lines": 982, - "average_project_lines": 65, - "total_project_comment_lines": 19, - "average_project_comment_lines": 1, - "total_project_blank_lines": 142, - "average_blank_lines": 9, - "commits_by_month": { - "2022/10": 1, - "2022/3": 1 + "url": "https://github.com/CMSgov/k8s-cluster-stig-baseline", + "owner": "CMSgov", + "name": "k8s-cluster-stig-baseline", + "description": null, + "commits_count": 2, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 2, + "stargazers_count": 2, + "watchers_count": 16, + "total_project_lines": 982, + "average_project_lines": 65, + "total_project_comment_lines": 19, + "average_project_comment_lines": 1, + "total_project_blank_lines": 142, + "average_blank_lines": 9, + "commits_by_month": { + "2022/10": 1, + "2022/3": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2022-03-08T17:58:43Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:15Z", + "repo": { + "name": "github.com/CMSgov/k8s-cluster-stig-baseline", + "commit": "ee37e7ed0ee3c6d936e6d1e3df682784396471ef" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2022-03-08T17:58:43Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:15Z", - "repo": { - "name": "github.com/CMSgov/k8s-cluster-stig-baseline", - "commit": "ee37e7ed0ee3c6d936e6d1e3df682784396471ef" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/2 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Ruby", - "Bytes": 29134, - "CodeBytes": 0, - "Lines": 809, - "Code": 696, - "Comment": 19, - "Blank": 94, - "Complexity": 30, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 91, - "CodeBytes": 0, - "Lines": 5, - "Code": 4, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 9039, - "CodeBytes": 0, - "Lines": 146, - "Code": 101, - "Comment": 0, - "Blank": 45, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 718, - "CodeBytes": 0, - "Lines": 22, - "Code": 20, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 20027.283640866608, - "estimatedScheduleMonths_low": 3.222873060110052, - "estimatedPeople_low": 0.6053804006835333, - "estimatedCost_high": 62413.76283589222, - "estimatedScheduleMonths_high": 3.222873060110052, - "estimatedPeople_high": 0.6053804006835333, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nRuby 12 809 94 19 696 30\n(ULOC) 480\n-------------------------------------------------------------------------------\nGemfile 1 5 1 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nMarkdown 1 146 45 0 101 0\n(ULOC) 90\n-------------------------------------------------------------------------------\nYAML 1 22 2 0 20 0\n(ULOC) 21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 15 982 142 19 821 30\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 593\nDRYness % 0.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $21,961\nEstimated Schedule Effort (organic) 3.22 months\nEstimated People Required (organic) 0.61\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 38982 bytes, 0.039 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Ruby": 29225 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/2 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Ruby", + "Bytes": 29134, + "CodeBytes": 0, + "Lines": 809, + "Code": 696, + "Comment": 19, + "Blank": 94, + "Complexity": 30, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 91, + "CodeBytes": 0, + "Lines": 5, + "Code": 4, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 9039, + "CodeBytes": 0, + "Lines": 146, + "Code": 101, + "Comment": 0, + "Blank": 45, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 718, + "CodeBytes": 0, + "Lines": 22, + "Code": 20, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 20027.283640866608, + "estimatedScheduleMonths_low": 3.222873060110052, + "estimatedPeople_low": 0.6053804006835333, + "estimatedCost_high": 62413.76283589222, + "estimatedScheduleMonths_high": 3.222873060110052, + "estimatedPeople_high": 0.6053804006835333, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 12 809 94 19 696 30\n(ULOC) 480\n-------------------------------------------------------------------------------\nGemfile 1 5 1 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nMarkdown 1 146 45 0 101 0\n(ULOC) 90\n-------------------------------------------------------------------------------\nYAML 1 22 2 0 20 0\n(ULOC) 21\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 982 142 19 821 30\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 593\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $21,961\nEstimated Schedule Effort (organic) 3.22 months\nEstimated People Required (organic) 0.61\n───────────────────────────────────────────────────────────────────────────────\nProcessed 38982 bytes, 0.039 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 29225 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/k8s-node-stig-baseline/k8s-node-stig-baseline_data.json b/app/site/_data/CMSgov/k8s-node-stig-baseline/k8s-node-stig-baseline_data.json index 18f791abfe..27376dfc7c 100644 --- a/app/site/_data/CMSgov/k8s-node-stig-baseline/k8s-node-stig-baseline_data.json +++ b/app/site/_data/CMSgov/k8s-node-stig-baseline/k8s-node-stig-baseline_data.json @@ -1,291 +1,291 @@ { - "url": "https://github.com/CMSgov/k8s-node-stig-baseline", - "owner": "CMSgov", - "name": "k8s-node-stig-baseline", - "description": null, - "commits_count": 3, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 16, - "total_project_lines": 4495, - "average_project_lines": 54, - "total_project_comment_lines": 83, - "average_project_comment_lines": 1, - "total_project_blank_lines": 581, - "average_blank_lines": 7, - "commits_by_month": { - "2022/10": 1, - "2022/3": 2 + "url": "https://github.com/CMSgov/k8s-node-stig-baseline", + "owner": "CMSgov", + "name": "k8s-node-stig-baseline", + "description": null, + "commits_count": 3, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 16, + "total_project_lines": 4495, + "average_project_lines": 54, + "total_project_comment_lines": 83, + "average_project_comment_lines": 1, + "total_project_blank_lines": 581, + "average_blank_lines": 7, + "commits_by_month": { + "2022/10": 1, + "2022/3": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2022-03-08T17:59:46Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:00Z", + "repo": { + "name": "github.com/CMSgov/k8s-node-stig-baseline", + "commit": "2f7544d9b16294f3c5f9d7e6d3291b16192642b5" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2022-03-08T17:59:46Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:00Z", - "repo": { - "name": "github.com/CMSgov/k8s-node-stig-baseline", - "commit": "2f7544d9b16294f3c5f9d7e6d3291b16192642b5" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/3 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Ruby", - "Bytes": 147449, - "CodeBytes": 0, - "Lines": 4211, - "Code": 3599, - "Comment": 83, - "Blank": 529, - "Complexity": 122, - "Count": 81, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 14753, - "CodeBytes": 0, - "Lines": 228, - "Code": 184, - "Comment": 0, - "Blank": 44, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1749, - "CodeBytes": 0, - "Lines": 56, - "Code": 48, - "Comment": 0, - "Blank": 8, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 100934.46682727146, - "estimatedScheduleMonths_low": 5.95884143744277, - "estimatedPeople_low": 1.650164242500498, - "estimatedCost_high": 314555.88224005175, - "estimatedScheduleMonths_high": 5.95884143744277, - "estimatedPeople_high": 1.650164242500498, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nRuby 81 4211 529 83 3599 122\n(ULOC) 1633\n-------------------------------------------------------------------------------\nMarkdown 1 228 44 0 184 0\n(ULOC) 169\n-------------------------------------------------------------------------------\nYAML 1 56 8 0 48 0\n(ULOC) 40\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 83 4495 581 83 3831 122\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1822\nDRYness % 0.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $110,681\nEstimated Schedule Effort (organic) 5.96 months\nEstimated People Required (organic) 1.65\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 163951 bytes, 0.164 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Ruby": 147449 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/3 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Ruby", + "Bytes": 147449, + "CodeBytes": 0, + "Lines": 4211, + "Code": 3599, + "Comment": 83, + "Blank": 529, + "Complexity": 122, + "Count": 81, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 14753, + "CodeBytes": 0, + "Lines": 228, + "Code": 184, + "Comment": 0, + "Blank": 44, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1749, + "CodeBytes": 0, + "Lines": 56, + "Code": 48, + "Comment": 0, + "Blank": 8, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 100934.46682727146, + "estimatedScheduleMonths_low": 5.95884143744277, + "estimatedPeople_low": 1.650164242500498, + "estimatedCost_high": 314555.88224005175, + "estimatedScheduleMonths_high": 5.95884143744277, + "estimatedPeople_high": 1.650164242500498, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 81 4211 529 83 3599 122\n(ULOC) 1633\n-------------------------------------------------------------------------------\nMarkdown 1 228 44 0 184 0\n(ULOC) 169\n-------------------------------------------------------------------------------\nYAML 1 56 8 0 48 0\n(ULOC) 40\n───────────────────────────────────────────────────────────────────────────────\nTotal 83 4495 581 83 3831 122\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1822\nDRYness % 0.41\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $110,681\nEstimated Schedule Effort (organic) 5.96 months\nEstimated People Required (organic) 1.65\n───────────────────────────────────────────────────────────────────────────────\nProcessed 163951 bytes, 0.164 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 147449 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/lambda-clamav-layer/lambda-clamav-layer_data.json b/app/site/_data/CMSgov/lambda-clamav-layer/lambda-clamav-layer_data.json index 291f350556..c33b2ac295 100644 --- a/app/site/_data/CMSgov/lambda-clamav-layer/lambda-clamav-layer_data.json +++ b/app/site/_data/CMSgov/lambda-clamav-layer/lambda-clamav-layer_data.json @@ -1,310 +1,310 @@ { - "url": "https://github.com/CMSgov/lambda-clamav-layer", - "owner": "CMSgov", - "name": "lambda-clamav-layer", - "description": "an AWS Lambda Layer with clamav binaries", - "commits_count": 24, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 4, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 4, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 3, - "total_project_lines": 254, - "average_project_lines": 64, - "total_project_comment_lines": 1, - "average_project_comment_lines": 0, - "total_project_blank_lines": 48, - "average_blank_lines": 12, - "commits_by_month": { - "2022/2": 4, - "2020/10": 3, - "2020/9": 1, - "2019/12": 2, - "2019/5": 2, - "2019/4": 12 + "url": "https://github.com/CMSgov/lambda-clamav-layer", + "owner": "CMSgov", + "name": "lambda-clamav-layer", + "description": "an AWS Lambda Layer with clamav binaries", + "commits_count": 24, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 4, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 4, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 3, + "total_project_lines": 254, + "average_project_lines": 64, + "total_project_comment_lines": 1, + "average_project_comment_lines": 0, + "total_project_blank_lines": 48, + "average_blank_lines": 12, + "commits_by_month": { + "2022/2": 4, + "2020/10": 3, + "2020/9": 1, + "2019/12": 2, + "2019/5": 2, + "2019/4": 12 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-09-29T14:25:24Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:46Z", + "repo": { + "name": "github.com/CMSgov/lambda-clamav-layer", + "commit": "d281f5bcc2fcc103840054b7152c1bfcf3fed63b" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-09-29T14:25:24Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:46Z", - "repo": { - "name": "github.com/CMSgov/lambda-clamav-layer", - "commit": "d281f5bcc2fcc103840054b7152c1bfcf3fed63b" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 4 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/22 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": 0, - "reason": "Project has not signed or included provenance with any releases.", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "License", - "Bytes": 11357, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1073, - "CodeBytes": 0, - "Lines": 40, - "Code": 25, - "Comment": 0, - "Blank": 15, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 152, - "CodeBytes": 0, - "Lines": 5, - "Code": 3, - "Comment": 1, - "Blank": 1, - "Complexity": 1, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 146, - "CodeBytes": 0, - "Lines": 8, - "Code": 8, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4665.554723951954, - "estimatedScheduleMonths_low": 1.8527212003027547, - "estimatedPeople_low": 0.24532551812120038, - "estimatedCost_high": 14539.906222949636, - "estimatedScheduleMonths_high": 1.8527212003027547, - "estimatedPeople_high": 0.24532551812120038, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 1 40 15 0 25 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nShell 1 5 1 1 3 1\n(ULOC) 5\n-------------------------------------------------------------------------------\nYAML 1 8 0 0 8 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 4 254 48 1 205 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 205\nDRYness % 0.81\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $5,116\nEstimated Schedule Effort (organic) 1.85 months\nEstimated People Required (organic) 0.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 12728 bytes, 0.013 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Shell": 2656 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 4 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/22 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": 0, + "reason": "Project has not signed or included provenance with any releases.", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "License", + "Bytes": 11357, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1073, + "CodeBytes": 0, + "Lines": 40, + "Code": 25, + "Comment": 0, + "Blank": 15, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 152, + "CodeBytes": 0, + "Lines": 5, + "Code": 3, + "Comment": 1, + "Blank": 1, + "Complexity": 1, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 146, + "CodeBytes": 0, + "Lines": 8, + "Code": 8, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4665.554723951954, + "estimatedScheduleMonths_low": 1.8527212003027547, + "estimatedPeople_low": 0.24532551812120038, + "estimatedCost_high": 14539.906222949636, + "estimatedScheduleMonths_high": 1.8527212003027547, + "estimatedPeople_high": 0.24532551812120038, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 1 40 15 0 25 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nShell 1 5 1 1 3 1\n(ULOC) 5\n-------------------------------------------------------------------------------\nYAML 1 8 0 0 8 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 4 254 48 1 205 1\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 205\nDRYness % 0.81\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,116\nEstimated Schedule Effort (organic) 1.85 months\nEstimated People Required (organic) 0.25\n───────────────────────────────────────────────────────────────────────────────\nProcessed 12728 bytes, 0.013 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Shell": 2656 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/mint-app/mint-app_data.json b/app/site/_data/CMSgov/mint-app/mint-app_data.json index f6b42dbb72..a1946746c1 100644 --- a/app/site/_data/CMSgov/mint-app/mint-app_data.json +++ b/app/site/_data/CMSgov/mint-app/mint-app_data.json @@ -1,2732 +1,2732 @@ { - "url": "https://github.com/CMSgov/mint-app", - "owner": "CMSgov", - "name": "mint-app", - "description": "MINT App", - "commits_count": 1181, - "issues_count": 41, - "open_issues_count": 0, - "closed_issues_count": 41, - "pull_requests_count": 1585, - "open_pull_requests_count": 6, - "merged_pull_requests_count": 1390, - "closed_pull_requests_count": 189, - "forks_count": 1, - "stargazers_count": 3, - "watchers_count": 5, - "total_project_lines": 224865, - "average_project_lines": 102, - "total_project_comment_lines": 10948, - "average_project_comment_lines": 5, - "total_project_blank_lines": 24548, - "average_blank_lines": 11, - "commits_by_month": { - "2025/1": 9, - "2024/12": 17, - "2024/11": 4 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-16T05:00:00.000Z", - 1 - ], - [ - "2024-09-17T05:00:00.000Z", - 3 - ], - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-10-15T05:00:00.000Z", - 1 - ], - [ - "2024-11-07T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-10-30T05:00:00.000Z", - 41 - ] - ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-07T18:07:06Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:07Z", - "repo": { - "name": "github.com/CMSgov/mint-app", - "commit": "c4ac91f11b01fb0aa8191a5e1003afac2229eb15" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "27 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "25 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 4693137, - "CodeBytes": 0, - "Lines": 122699, - "Code": 107771, - "Comment": 4372, - "Blank": 10556, - "Complexity": 9041, - "Count": 834, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 7579220, - "CodeBytes": 0, - "Lines": 211588, - "Code": 187031, - "Comment": 4770, - "Blank": 19787, - "Complexity": 34803, - "Count": 616, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 691357, - "CodeBytes": 0, - "Lines": 14842, - "Code": 12991, - "Comment": 609, - "Blank": 1242, - "Complexity": 68, - "Count": 375, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 53083, - "CodeBytes": 0, - "Lines": 2876, - "Code": 2405, - "Comment": 36, - "Blank": 435, - "Complexity": 0, - "Count": 89, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "GraphQL", - "Bytes": 157337, - "CodeBytes": 0, - "Lines": 4675, - "Code": 3508, - "Comment": 688, - "Blank": 479, - "Complexity": 289, - "Count": 68, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 134610, - "CodeBytes": 0, - "Lines": 2773, - "Code": 1969, - "Comment": 0, - "Blank": 804, - "Complexity": 0, - "Count": 40, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 25039, - "CodeBytes": 0, - "Lines": 926, - "Code": 765, - "Comment": 16, - "Blank": 145, - "Complexity": 0, - "Count": 38, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 120214, - "CodeBytes": 0, - "Lines": 4021, - "Code": 2745, - "Comment": 352, - "Blank": 924, - "Complexity": 25, - "Count": 35, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 469525, - "CodeBytes": 0, - "Lines": 11857, - "Code": 11853, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 31, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 19072, - "CodeBytes": 0, - "Lines": 637, - "Code": 400, - "Comment": 121, - "Blank": 116, - "Complexity": 49, - "Count": 21, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 52562, - "CodeBytes": 0, - "Lines": 1628, - "Code": 1407, - "Comment": 104, - "Blank": 117, - "Complexity": 0, - "Count": 18, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 11498, - "CodeBytes": 0, - "Lines": 315, - "Code": 170, - "Comment": 86, - "Blank": 59, - "Complexity": 20, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go Template", - "Bytes": 1497, - "CodeBytes": 0, - "Lines": 104, - "Code": 103, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 5381, - "CodeBytes": 0, - "Lines": 186, - "Code": 152, - "Comment": 15, - "Blank": 19, - "Complexity": 1, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 171, - "CodeBytes": 0, - "Lines": 16, - "Code": 8, - "Comment": 4, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 1271, - "CodeBytes": 0, - "Lines": 49, - "Code": 32, - "Comment": 4, - "Blank": 13, - "Complexity": 5, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11357, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 57, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 13135, - "CodeBytes": 0, - "Lines": 482, - "Code": 439, - "Comment": 16, - "Blank": 27, - "Complexity": 17, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 316, - "CodeBytes": 0, - "Lines": 15, - "Code": 15, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 11000356.775321292, - "estimatedScheduleMonths_low": 35.429203972366786, - "estimatedPeople_low": 30.247876019095912, - "estimatedCost_high": 34281916.169805355, - "estimatedScheduleMonths_high": 35.429203972366786, - "estimatedPeople_high": 30.247876019095912, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 834 122699 10556 4372 107771 9041\n(ULOC) 50713\n-------------------------------------------------------------------------------\nGo 616 211588 19787 4770 187031 34803\n(ULOC) 46504\n-------------------------------------------------------------------------------\nSQL 375 14842 1242 609 12991 68\n(ULOC) 7070\n-------------------------------------------------------------------------------\nSass 89 2876 435 36 2405 0\n(ULOC) 1437\n-------------------------------------------------------------------------------\nGraphQL 68 4675 479 688 3508 289\n(ULOC) 2432\n-------------------------------------------------------------------------------\nMarkdown 40 2773 804 0 1969 0\n(ULOC) 1758\n-------------------------------------------------------------------------------\nHTML 38 926 145 16 765 0\n(ULOC) 465\n-------------------------------------------------------------------------------\nJavaScript 35 4021 924 352 2745 25\n(ULOC) 1559\n-------------------------------------------------------------------------------\nJSON 31 11857 4 0 11853 0\n(ULOC) 4895\n-------------------------------------------------------------------------------\nBASH 21 637 116 121 400 49\n(ULOC) 406\n-------------------------------------------------------------------------------\nYAML 18 1628 117 104 1407 0\n(ULOC) 851\n-------------------------------------------------------------------------------\nShell 15 315 59 86 170 20\n(ULOC) 209\n-------------------------------------------------------------------------------\nGo Template 6 104 1 0 103 0\n(ULOC) 57\n-------------------------------------------------------------------------------\nTypeScript Typings 5 186 19 15 152 1\n(ULOC) 154\n-------------------------------------------------------------------------------\nDocker ignore 1 16 4 4 8 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDockerfile 1 49 13 4 32 5\n(ULOC) 36\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nPlain Text 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nRuby 1 482 27 16 439 17\n(ULOC) 303\n-------------------------------------------------------------------------------\nTOML 1 15 0 0 15 0\n(ULOC) 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2197 379892 34764 11193 333935 44318\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 117791\nDRYness % 0.31\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $12,062,584\nEstimated Schedule Effort (organic) 35.43 months\nEstimated People Required (organic) 30.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 14039839 bytes, 14.040 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/mint-app", + "owner": "CMSgov", + "name": "mint-app", + "description": "MINT App", + "commits_count": 1181, + "issues_count": 41, + "open_issues_count": 0, + "closed_issues_count": 41, + "pull_requests_count": 1585, + "open_pull_requests_count": 6, + "merged_pull_requests_count": 1390, + "closed_pull_requests_count": 189, + "forks_count": 1, + "stargazers_count": 3, + "watchers_count": 5, + "total_project_lines": 224865, + "average_project_lines": 102, + "total_project_comment_lines": 10948, + "average_project_comment_lines": 5, + "total_project_blank_lines": 24548, + "average_blank_lines": 11, + "commits_by_month": { + "2025/1": 9, + "2024/12": 17, + "2024/11": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-16T05:00:00.000Z", + 1 + ], + [ + "2024-09-17T05:00:00.000Z", + 3 + ], + [ + "2024-09-23T05:00:00.000Z", + 1 + ], + [ + "2024-10-15T05:00:00.000Z", + 1 + ], + [ + "2024-11-07T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-10-30T05:00:00.000Z", + 41 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-07T18:07:06Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:07Z", + "repo": { + "name": "github.com/CMSgov/mint-app", + "commit": "c4ac91f11b01fb0aa8191a5e1003afac2229eb15" }, - "predominant_langs": { - "TypeScript": 4693137, - "Go": 1697715, - "JavaScript": 120214, - "SCSS": 53083, - "PLpgSQL": 51293, - "Shell": 30570, - "HTML": 25039, - "Ruby": 13135, - "Dockerfile": 1271 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "mint-app", - "00:04:44.780488" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@apollo/client", - -0.0739726027, - "2024-10-16T20:27:46.000" - ], - [ - "@apollo/client", - -0.002739726, - "2023-09-20T14:27:15.000" - ], - [ - "@apollo/client", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@apollo/client", - 0.0931506849, - "2024-06-08T13:54:33.000" - ], - [ - "@apollo/client", - 0.3260273973, - "2024-08-16T04:24:09.000" - ], - [ - "@apollo/react-testing", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "@babel/core", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@babel/plugin-syntax-class-properties", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@babel/preset-env", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@craco/craco", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "@cypress/code-coverage", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "@cypress/code-coverage", - 0.2082191781, - "2025-03-01T04:33:37.000" - ], - [ - "@cypress/webpack-preprocessor", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@cypress/webpack-preprocessor", - 0.3287671233, - "2023-09-20T14:27:15.000" - ], - [ - "@graphql-codegen/cli", - -0.0849315068, - "2023-09-20T14:27:15.000" - ], - [ - "@graphql-codegen/cli", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "@graphql-codegen/cli", - 0.3506849315, - "2025-03-01T04:33:37.000" - ], - [ - "@graphql-codegen/cli", - 0.5369863014, - "2024-03-10T21:51:53.000" - ], - [ - "@graphql-codegen/cli", - 0.6684931507, - "2024-10-16T20:27:46.000" - ], - [ - "@graphql-codegen/client-preset", - -0.1397260274, - "2023-09-20T14:27:15.000" - ], - [ - "@graphql-codegen/client-preset", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@graphql-codegen/client-preset", - 0.5808219178, - "2024-03-10T21:51:53.000" - ], - [ - "@graphql-codegen/client-preset", - 0.8136986301, - "2024-06-08T13:54:33.000" - ], - [ - "@graphql-codegen/client-preset", - 1.0109589041, - "2024-08-16T04:24:09.000" - ], - [ - "@graphql-codegen/client-preset", - 1.2054794521, - "2024-10-16T20:27:46.000" - ], - [ - "@graphql-codegen/introspection", - -1.0, - "2025-03-01T04:33:37.000" - ], - [ - "@graphql-codegen/introspection", - 0.0383561644, - "2024-10-16T20:27:46.000" - ], - [ - "@graphql-codegen/introspection", - 0.7452054795, - "2024-03-10T21:51:53.000" - ], - [ - "@graphql-codegen/typed-document-node", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@graphql-codegen/typed-document-node", - 0.2657534247, - "2024-10-16T20:27:46.000" - ], - [ - "@graphql-codegen/typescript-react-apollo", - -0.4739726027, - "2025-03-01T04:33:37.000" - ], - [ - "@graphql-codegen/typescript-react-apollo", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "@json2csv/formatters", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@json2csv/plainjs", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@json2csv/transforms", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@okta/okta-auth-js", - 0.8547945205, - "2023-08-14T17:10:02.000" - ], - [ - "@okta/okta-auth-js", - 0.9342465753, - "2023-09-20T14:27:15.000" - ], - [ - "@okta/okta-auth-js", - 1.3452054795, - "2024-03-10T21:51:53.000" - ], - [ - "@okta/okta-auth-js", - 1.6657534247, - "2024-08-16T04:24:09.000" - ], - [ - "@okta/okta-auth-js", - 1.9342465753, - "2024-10-16T20:27:46.000" - ], - [ - "@okta/okta-auth-js", - 2.4383561644, - "2025-03-01T04:33:37.000" - ], - [ - "@okta/okta-react", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@okta/okta-signin-widget", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@okta/okta-signin-widget", - 0.5342465753, - "2024-03-10T21:51:53.000" - ], - [ - "@okta/okta-signin-widget", - 0.7671232877, - "2023-08-14T17:10:02.000" - ], - [ - "@okta/okta-signin-widget", - 0.8630136986, - "2023-09-14T02:10:47.000" - ], - [ - "@okta/okta-signin-widget", - 0.8821917808, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/addon-actions", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/addon-actions", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/addon-actions", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/addon-actions", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/addon-actions", - 0.3863013699, - "2023-08-14T17:10:02.000" - ], - [ - "@storybook/addon-actions", - 0.4712328767, - "2023-09-14T02:10:47.000" - ], - [ - "@storybook/addon-actions", - 0.495890411, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/addon-actions", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@storybook/addon-controls", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/addon-controls", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/addon-controls", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/addon-controls", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/addon-controls", - 0.3863013699, - "2023-08-14T17:10:02.000" - ], - [ - "@storybook/addon-controls", - 0.4712328767, - "2023-09-14T02:10:47.000" - ], - [ - "@storybook/addon-controls", - 0.495890411, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/addon-controls", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@storybook/addon-essentials", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/addon-essentials", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/addon-essentials", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/addon-essentials", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/addon-essentials", - 0.3863013699, - "2023-08-14T17:10:02.000" - ], - [ - "@storybook/addon-essentials", - 0.4712328767, - "2023-09-14T02:10:47.000" - ], - [ - "@storybook/addon-essentials", - 0.495890411, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/addon-essentials", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@storybook/addon-links", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/addon-links", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/addon-links", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/addon-links", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/addon-links", - 0.3863013699, - "2023-08-14T17:10:02.000" - ], - [ - "@storybook/addon-links", - 0.4712328767, - "2023-09-14T02:10:47.000" - ], - [ - "@storybook/addon-links", - 0.495890411, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/addon-links", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@storybook/node-logger", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/node-logger", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/node-logger", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/node-logger", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/node-logger", - 0.3863013699, - "2023-08-14T17:10:02.000" - ], - [ - "@storybook/node-logger", - 0.4712328767, - "2023-09-14T02:10:47.000" - ], - [ - "@storybook/node-logger", - 0.495890411, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/node-logger", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@storybook/react", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/react", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/react", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/react", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/react", - 0.3863013699, - "2023-08-14T17:10:02.000" - ], - [ - "@storybook/react", - 0.4712328767, - "2023-09-14T02:10:47.000" - ], - [ - "@storybook/react", - 0.495890411, - "2023-09-20T14:27:15.000" - ], - [ - "@storybook/react", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@storybook/react-vite", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@storybook/react-vite", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "@storybook/react-vite", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@storybook/react-vite", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "@storybook/react-vite", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "@testing-library/jest-dom", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@testing-library/jest-dom", - 0.0712328767, - "2023-08-14T17:10:02.000" - ], - [ - "@testing-library/jest-dom", - 0.1342465753, - "2023-09-20T14:27:15.000" - ], - [ - "@testing-library/jest-dom", - 0.5534246575, - "2024-03-10T21:51:53.000" - ], - [ - "@testing-library/react", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@testing-library/react", - 1.6931506849, - "2023-09-20T14:27:15.000" - ], - [ - "@testing-library/react", - 2.1452054795, - "2024-08-16T04:24:09.000" - ], - [ - "@testing-library/react", - 2.3835616438, - "2024-10-16T20:27:46.000" - ], - [ - "@testing-library/react", - 2.6520547945, - "2024-03-10T21:51:53.000" - ], - [ - "@testing-library/user-event", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@testing-library/user-event", - 0.8054794521, - "2023-09-14T02:10:47.000" - ], - [ - "@testing-library/user-event", - 1.9095890411, - "2023-09-20T14:27:15.000" - ], - [ - "@testing-library/user-event", - 2.1945205479, - "2024-03-10T21:51:53.000" - ], - [ - "@tiptap/core", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/core", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/extension-character-count", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/extension-character-count", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/extension-document", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/extension-document", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/extension-mention", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/extension-mention", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/extension-paragraph", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/extension-paragraph", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/extension-text", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/extension-text", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/extension-text-style", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/pm", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/pm", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/react", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/react", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/starter-kit", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/starter-kit", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@tiptap/suggestion", - -0.0684931507, - "2024-06-08T13:54:33.000" - ], - [ - "@tiptap/suggestion", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@trussworks/react-uswds", - 0.1561643836, - "2024-03-10T21:51:53.000" - ], - [ - "@trussworks/react-uswds", - 0.197260274, - "2024-08-16T04:24:09.000" - ], - [ - "@trussworks/react-uswds", - 0.6328767123, - "2025-03-01T04:33:37.000" - ], - [ - "@trussworks/react-uswds", - 1.2547945205, - "2023-08-14T17:10:02.000" - ], - [ - "@trussworks/react-uswds", - 1.402739726, - "2023-09-20T14:27:15.000" - ], - [ - "@types/apollo-upload-client", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "@types/apollo-upload-client", - 0.1452054795, - "2025-03-01T04:33:37.000" - ], - [ - "@types/enzyme", - 1.7753424658, - "2023-09-20T14:27:15.000" - ], - [ - "@types/enzyme", - 2.4136986301, - "2024-10-16T20:27:46.000" - ], - [ - "@types/jest", - 2.2054794521, - "2023-08-14T17:10:02.000" - ], - [ - "@types/jest", - 2.3232876712, - "2023-09-14T02:10:47.000" - ], - [ - "@types/jest", - 2.3890410959, - "2023-09-20T14:27:15.000" - ], - [ - "@types/jest", - 2.7698630137, - "2024-08-16T04:24:09.000" - ], - [ - "@types/jest", - 3.3835616438, - "2024-10-16T20:27:46.000" - ], - [ - "@types/jest", - 3.4931506849, - "2025-03-01T04:33:37.000" - ], - [ - "@types/json2csv", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/lodash", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/luxon", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/luxon", - 2.0383561644, - "2023-08-14T17:10:02.000" - ], - [ - "@types/luxon", - 2.1479452055, - "2023-09-20T14:27:15.000" - ], - [ - "@types/luxon", - 2.5369863014, - "2024-03-10T21:51:53.000" - ], - [ - "@types/no-scroll", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/node", - 2.1287671233, - "2023-08-14T17:10:02.000" - ], - [ - "@types/node", - 2.2, - "2023-09-14T02:10:47.000" - ], - [ - "@types/node", - 2.2328767123, - "2023-09-20T14:27:15.000" - ], - [ - "@types/node", - 2.6931506849, - "2024-03-10T21:51:53.000" - ], - [ - "@types/node", - 2.9424657534, - "2024-06-08T13:54:33.000" - ], - [ - "@types/node", - 3.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "@types/node", - 3.2821917808, - "2024-10-16T20:27:46.000" - ], - [ - "@types/node", - 3.6794520548, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react", - 2.1671232877, - "2023-08-14T17:10:02.000" - ], - [ - "@types/react", - 2.202739726, - "2023-09-14T02:10:47.000" - ], - [ - "@types/react", - 2.2767123288, - "2023-09-20T14:27:15.000" - ], - [ - "@types/react", - 2.7424657534, - "2024-03-10T21:51:53.000" - ], - [ - "@types/react", - 2.9561643836, - "2024-08-16T04:24:09.000" - ], - [ - "@types/react", - 3.3178082192, - "2024-10-16T20:27:46.000" - ], - [ - "@types/react", - 3.6931506849, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-autosuggest", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-autosuggest", - 0.1397260274, - "2024-03-10T21:51:53.000" - ], - [ - "@types/react-csv", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "@types/react-dom", - 0.1863013699, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-dom", - 2.0657534247, - "2023-09-20T14:27:15.000" - ], - [ - "@types/react-dom", - 2.7178082192, - "2024-03-10T21:51:53.000" - ], - [ - "@types/react-dom", - 2.8547945205, - "2024-08-16T04:24:09.000" - ], - [ - "@types/react-dom", - 3.3178082192, - "2024-10-16T20:27:46.000" - ], - [ - "@types/react-modal", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-redux", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-router-dom", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-table", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/react-test-renderer", - -0.002739726, - "2024-03-10T21:51:53.000" - ], - [ - "@types/react-test-renderer", - 0.4246575342, - "2024-10-16T20:27:46.000" - ], - [ - "@types/react-test-renderer", - 1.0383561644, - "2025-03-01T04:33:37.000" - ], - [ - "@types/redux-mock-store", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/redux-saga-routines", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/sinon", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "@types/sinon", - 0.2273972603, - "2024-10-16T20:27:46.000" - ], - [ - "@types/sinon", - 1.3479452055, - "2025-03-01T04:33:37.000" - ], - [ - "@types/text-encoding", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@types/yup", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "@uswds/uswds", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@vitejs/plugin-react", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "@vitest/coverage-v8", - 0.3945205479, - "2024-03-10T21:51:53.000" - ], - [ - "@vitest/coverage-v8", - 0.5945205479, - "2024-06-08T13:54:33.000" - ], - [ - "@vitest/coverage-v8", - 0.8383561644, - "2024-08-16T04:24:09.000" - ], - [ - "@vitest/coverage-v8", - 1.0438356164, - "2024-10-16T20:27:46.000" - ], - [ - "@vitest/coverage-v8", - 1.4082191781, - "2025-03-01T04:33:37.000" - ], - [ - "@wojtekmaj/enzyme-adapter-react-17", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "apollo", - 0.0, - "2024-06-08T13:54:33.000" - ], - [ - "apollo-link", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "apollo-link-error", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "apollo-upload-client", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "apollo-upload-client", - 1.8767123288, - "2025-03-01T04:33:37.000" - ], - [ - "autoprefixer", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "axios", - -0.0493150685, - "2024-03-10T21:51:53.000" - ], - [ - "axios", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "axios", - 1.0, - "2023-08-14T17:10:02.000" - ], - [ - "axios", - 1.3315068493, - "2023-09-20T14:27:15.000" - ], - [ - "babel-loader", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "babel-loader", - 0.4493150685, - "2025-03-01T04:33:37.000" - ], - [ - "babel-loader", - 3.295890411, - "2023-09-20T14:27:15.000" - ], - [ - "classnames", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "cross-fetch", - -0.002739726, - "2025-03-01T04:33:37.000" - ], - [ - "cross-fetch", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "cypress", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "cypress", - 0.0739726027, - "2024-06-08T13:54:33.000" - ], - [ - "cypress", - 0.1917808219, - "2025-03-01T04:33:37.000" - ], - [ - "cypress", - 0.2684931507, - "2024-08-16T04:24:09.000" - ], - [ - "cypress", - 0.3452054795, - "2023-08-14T17:10:02.000" - ], - [ - "cypress", - 0.3835616438, - "2024-10-16T20:27:46.000" - ], - [ - "cypress-file-upload", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "cypress-otp", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "detect-browser", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "enzyme", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "enzyme-to-json", - 0.0, - "2023-08-14T17:10:02.000" - ], - [ - "eslint", - 0.0493150685, - "2024-10-16T20:27:46.000" - ], - [ - "eslint", - 0.4328767123, - "2025-03-01T04:33:37.000" - ], - [ - "eslint", - 2.0301369863, - "2023-08-14T17:10:02.000" - ], - [ - "eslint", - 2.1068493151, - "2023-09-20T14:27:15.000" - ], - [ - "eslint", - 2.5671232877, - "2024-03-10T21:51:53.000" - ], - [ - "eslint", - 2.8356164384, - "2024-06-08T13:54:33.000" - ], - [ - "eslint", - 3.0273972603, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-config-airbnb", - 1.1315068493, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-config-prettier", - 0.0054794521, - "2023-09-20T14:27:15.000" - ], - [ - "eslint-config-prettier", - 0.3315068493, - "2024-10-16T20:27:46.000" - ], - [ - "eslint-config-prettier", - 1.5698630137, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-config-react-app", - -2.8493150685, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-config-react-app", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "eslint-plugin-cypress", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "eslint-plugin-cypress", - 0.0520547945, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-plugin-cypress", - 0.1178082192, - "2024-06-08T13:54:33.000" - ], - [ - "eslint-plugin-cypress", - 0.3232876712, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-plugin-jsx-a11y", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-plugin-prettier", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-plugin-prettier", - 1.8876712329, - "2023-09-20T14:27:15.000" - ], - [ - "eslint-plugin-prettier", - 2.3890410959, - "2024-06-08T13:54:33.000" - ], - [ - "eslint-plugin-prettier", - 2.9068493151, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-plugin-react", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-plugin-react-hooks", - -0.2082191781, - "2024-03-10T21:51:53.000" - ], - [ - "eslint-plugin-react-hooks", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "eslint-plugin-react-hooks", - 0.4575342466, - "2024-10-16T20:27:46.000" - ], - [ - "eslint-plugin-react-hooks", - 0.8410958904, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-plugin-simple-import-sort", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "eslint-plugin-simple-import-sort", - 2.1369863014, - "2023-09-20T14:27:15.000" - ], - [ - "eslint-plugin-simple-import-sort", - 3.1726027397, - "2024-03-10T21:51:53.000" - ], - [ - "eslint-plugin-simple-import-sort", - 3.3452054795, - "2024-06-08T13:54:33.000" - ], - [ - "eslint-plugin-simple-import-sort", - 3.5643835616, - "2024-08-16T04:24:09.000" - ], - [ - "font-awesome", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "formik", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "glob", - -0.002739726, - "2024-10-16T20:27:46.000" - ], - [ - "glob", - 0.0, - "2024-06-08T13:54:33.000" - ], - [ - "glob", - 0.504109589, - "2025-03-01T04:33:37.000" - ], - [ - "graphql", - -0.002739726, - "2024-10-16T20:27:46.000" - ], - [ - "graphql", - 0.4821917808, - "2025-03-01T04:33:37.000" - ], - [ - "graphql", - 1.5397260274, - "2023-08-14T17:10:02.000" - ], - [ - "graphql", - 1.6849315068, - "2023-09-14T02:10:47.000" - ], - [ - "graphql", - 1.7808219178, - "2024-06-08T13:54:33.000" - ], - [ - "graphql-schema-linter", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "html-react-parser", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "i18next", - 0.0493150685, - "2024-03-10T21:51:53.000" - ], - [ - "i18next", - 0.1780821918, - "2025-03-01T04:33:37.000" - ], - [ - "i18next", - 0.2520547945, - "2024-06-08T13:54:33.000" - ], - [ - "i18next", - 0.4904109589, - "2024-08-16T04:24:09.000" - ], - [ - "i18next", - 0.6493150685, - "2024-10-16T20:27:46.000" - ], - [ - "i18next", - 2.4164383562, - "2023-08-14T17:10:02.000" - ], - [ - "i18next", - 2.498630137, - "2023-09-20T14:27:15.000" - ], - [ - "i18next-browser-languagedetector", - 2.8904109589, - "2023-09-20T14:27:15.000" - ], - [ - "i18next-browser-languagedetector", - 3.2657534247, - "2024-03-10T21:51:53.000" - ], - [ - "i18next-browser-languagedetector", - 3.7671232877, - "2024-10-16T20:27:46.000" - ], - [ - "i18next-browser-languagedetector", - 4.5452054795, - "2025-03-01T04:33:37.000" - ], - [ - "istanbul-lib-coverage", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "jest-canvas-mock", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "jest-launchdarkly-mock", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "jest-launchdarkly-mock", - 1.3369863014, - "2023-09-20T14:27:15.000" - ], - [ - "js-base64", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "jsdom", - 0.298630137, - "2025-03-01T04:33:37.000" - ], - [ - "jsdom", - 0.6547945205, - "2024-03-10T21:51:53.000" - ], - [ - "jsdom", - 0.997260274, - "2024-06-08T13:54:33.000" - ], - [ - "jsdom", - 1.1506849315, - "2024-08-16T04:24:09.000" - ], - [ - "jsdom", - 1.3232876712, - "2024-10-16T20:27:46.000" - ], - [ - "json2csv", - 0.9068493151, - "2023-09-14T02:10:47.000" - ], - [ - "launchdarkly-react-client-sdk", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "launchdarkly-react-client-sdk", - 0.304109589, - "2024-03-10T21:51:53.000" - ], - [ - "launchdarkly-react-client-sdk", - 0.5616438356, - "2023-08-14T17:10:02.000" - ], - [ - "launchdarkly-react-client-sdk", - 0.6657534247, - "2023-09-20T14:27:15.000" - ], - [ - "lodash", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "luxon", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "luxon", - 0.5917808219, - "2023-08-14T17:10:02.000" - ], - [ - "luxon", - 0.6657534247, - "2023-09-20T14:27:15.000" - ], - [ - "luxon", - 0.8547945205, - "2024-03-10T21:51:53.000" - ], - [ - "markdown-spellcheck", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "no-scroll", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "nyc", - 0.0, - "2024-06-08T13:54:33.000" - ], - [ - "nyc", - 4.0246575342, - "2024-08-16T04:24:09.000" - ], - [ - "nyc", - 4.304109589, - "2025-03-01T04:33:37.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "prettier", - 0.2767123288, - "2023-08-14T17:10:02.000" - ], - [ - "prettier", - 0.3506849315, - "2023-09-20T14:27:15.000" - ], - [ - "prettier", - 0.7835616438, - "2024-03-10T21:51:53.000" - ], - [ - "prettier", - 1.1205479452, - "2024-06-08T13:54:33.000" - ], - [ - "prettier", - 1.2246575342, - "2024-08-16T04:24:09.000" - ], - [ - "react", - 0.6109589041, - "2025-03-01T04:33:37.000" - ], - [ - "react", - 1.2273972603, - "2024-03-10T21:51:53.000" - ], - [ - "react", - 3.095890411, - "2024-10-16T20:27:46.000" - ], - [ - "react-autosuggest", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-dom", - 0.6109589041, - "2025-03-01T04:33:37.000" - ], - [ - "react-dom", - 1.2273972603, - "2024-03-10T21:51:53.000" - ], - [ - "react-dom", - 3.095890411, - "2024-10-16T20:27:46.000" - ], - [ - "react-ga4", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-hook-form", - -0.1780821918, - "2025-03-01T04:33:37.000" - ], - [ - "react-i18next", - 0.3068493151, - "2024-03-10T21:51:53.000" - ], - [ - "react-i18next", - 0.5150684932, - "2024-06-08T13:54:33.000" - ], - [ - "react-i18next", - 0.7260273973, - "2024-08-16T04:24:09.000" - ], - [ - "react-i18next", - 0.9068493151, - "2024-10-16T20:27:46.000" - ], - [ - "react-i18next", - 1.2602739726, - "2025-03-01T04:33:37.000" - ], - [ - "react-i18next", - 2.2136986301, - "2023-08-14T17:10:02.000" - ], - [ - "react-i18next", - 2.2739726027, - "2023-09-20T14:27:15.000" - ], - [ - "react-idle-timer", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-media", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-modal", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-paginate", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "react-redux", - 0.8465753425, - "2023-09-20T14:27:15.000" - ], - [ - "react-redux", - 1.304109589, - "2024-03-10T21:51:53.000" - ], - [ - "react-redux", - 1.6054794521, - "2024-10-16T20:27:46.000" - ], - [ - "react-redux", - 2.2164383562, - "2025-03-01T04:33:37.000" - ], - [ - "react-router-dom", - 0.8520547945, - "2023-08-14T17:10:02.000" - ], - [ - "react-router-dom", - 0.9452054795, - "2023-09-20T14:27:15.000" - ], - [ - "react-router-dom", - 1.4273972603, - "2024-03-10T21:51:53.000" - ], - [ - "react-router-dom", - 1.6054794521, - "2024-06-08T13:54:33.000" - ], - [ - "react-router-dom", - 1.8684931507, - "2024-08-16T04:24:09.000" - ], - [ - "react-router-dom", - 2.0273972603, - "2024-10-16T20:27:46.000" - ], - [ - "react-router-dom", - 2.3835616438, - "2025-03-01T04:33:37.000" - ], - [ - "react-scripts", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "react-select", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "react-select", - 0.1178082192, - "2025-03-01T04:33:37.000" - ], - [ - "react-select-event", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-table", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "react-test-renderer", - 1.6657534247, - "2024-03-10T21:51:53.000" - ], - [ - "react-test-renderer", - 3.5315068493, - "2024-10-16T20:27:46.000" - ], - [ - "react-test-renderer", - 4.1424657534, - "2025-03-01T04:33:37.000" - ], - [ - "react-to-print", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "react-to-print", - 0.6273972603, - "2024-10-16T20:27:46.000" - ], - [ - "react-to-print", - 0.9534246575, - "2025-03-01T04:33:37.000" - ], - [ - "redux", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "redux", - 0.898630137, - "2025-03-01T04:33:37.000" - ], - [ - "redux-actions", - 3.9452054795, - "2024-06-08T13:54:33.000" - ], - [ - "redux-actions", - 5.3835616438, - "2025-03-01T04:33:37.000" - ], - [ - "redux-devtools-extension", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "redux-mock-store", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "redux-saga", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "redux-saga-routines", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "regenerator-runtime", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "sass", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "sass-loader", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "sass-loader", - 0.1506849315, - "2024-03-10T21:51:53.000" - ], - [ - "sass-loader", - 0.3068493151, - "2024-06-08T13:54:33.000" - ], - [ - "sass-loader", - 0.5835616438, - "2024-08-16T04:24:09.000" - ], - [ - "sass-loader", - 0.7369863014, - "2024-10-16T20:27:46.000" - ], - [ - "sass-loader", - 1.1397260274, - "2025-03-01T04:33:37.000" - ], - [ - "sass-resources-loader", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "sinon", - 0.2328767123, - "2023-09-20T14:27:15.000" - ], - [ - "sinon", - 0.3643835616, - "2024-03-10T21:51:53.000" - ], - [ - "sinon", - 0.901369863, - "2024-08-16T04:24:09.000" - ], - [ - "sinon", - 1.2328767123, - "2025-03-01T04:33:37.000" - ], - [ - "start-server-and-test", - 0.0, - "2023-09-20T14:27:15.000" - ], - [ - "start-server-and-test", - 0.7178082192, - "2024-03-10T21:51:53.000" - ], - [ - "start-server-and-test", - 1.2712328767, - "2024-06-08T13:54:33.000" - ], - [ - "start-server-and-test", - 1.4191780822, - "2024-08-16T04:24:09.000" - ], - [ - "start-server-and-test", - 1.5534246575, - "2024-10-16T20:27:46.000" - ], - [ - "start-server-and-test", - 1.8821917808, - "2025-03-01T04:33:37.000" - ], - [ - "storybook", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "storybook", - 0.095890411, - "2024-06-08T13:54:33.000" - ], - [ - "storybook", - 0.1342465753, - "2024-08-16T04:24:09.000" - ], - [ - "storybook", - 0.2767123288, - "2024-10-16T20:27:46.000" - ], - [ - "storybook", - 0.6821917808, - "2025-03-01T04:33:37.000" - ], - [ - "storybook-addon-apollo-client", - 0.0, - "2024-03-10T21:51:53.000" - ], - [ - "storybook-addon-apollo-client", - 0.2465753425, - "2023-09-20T14:27:15.000" - ], - [ - "storybook-addon-apollo-client", - 0.8356164384, - "2024-10-16T20:27:46.000" - ], - [ - "storybook-addon-apollo-client", - 1.6602739726, - "2025-03-01T04:33:37.000" - ], - [ - "subscriptions-transport-ws", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "text-encoding", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "tippy.js", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "ts-loader", - 3.0931506849, - "2023-09-20T14:27:15.000" - ], - [ - "ts-loader", - 3.4767123288, - "2024-10-16T20:27:46.000" - ], - [ - "ts-loader", - 4.6383561644, - "2025-03-01T04:33:37.000" - ], - [ - "ts-node", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "typescript", - -0.002739726, - "2025-03-01T04:33:37.000" - ], - [ - "typescript", - 0.4082191781, - "2023-08-14T17:10:02.000" - ], - [ - "typescript", - 0.5616438356, - "2023-09-20T14:27:15.000" - ], - [ - "typescript", - 1.095890411, - "2024-03-10T21:51:53.000" - ], - [ - "typescript", - 1.1917808219, - "2024-06-08T13:54:33.000" - ], - [ - "typescript", - 1.4767123288, - "2024-08-16T04:24:09.000" - ], - [ - "typescript", - 1.6904109589, - "2024-10-16T20:27:46.000" - ], - [ - "vite", - 0.0, - "2024-10-16T20:27:46.000" - ], - [ - "vite", - 0.0931506849, - "2025-03-01T04:33:37.000" - ], - [ - "vite", - 0.1232876712, - "2024-03-10T21:51:53.000" - ], - [ - "vite", - 0.202739726, - "2024-06-08T13:54:33.000" - ], - [ - "vite-plugin-svgr", - 0.1589041096, - "2024-10-16T20:27:46.000" - ], - [ - "vite-plugin-svgr", - 1.1178082192, - "2025-03-01T04:33:37.000" - ], - [ - "vite-tsconfig-paths", - 0.0, - "2024-06-08T13:54:33.000" - ], - [ - "vite-tsconfig-paths", - 0.402739726, - "2024-10-16T20:27:46.000" - ], - [ - "vite-tsconfig-paths", - 0.7315068493, - "2025-03-01T04:33:37.000" - ], - [ - "vitest", - 0.0575342466, - "2025-03-01T04:33:37.000" - ], - [ - "vitest", - 0.3945205479, - "2024-03-10T21:51:53.000" - ], - [ - "vitest", - 0.5945205479, - "2024-06-08T13:54:33.000" - ], - [ - "vitest", - 0.8383561644, - "2024-08-16T04:24:09.000" - ], - [ - "vitest", - 1.0438356164, - "2024-10-16T20:27:46.000" - ], - [ - "wait-on", - 0.0, - "2024-08-16T04:24:09.000" - ], - [ - "wait-on", - 0.8219178082, - "2024-10-16T20:27:46.000" - ], - [ - "wait-on", - 1.1561643836, - "2025-03-01T04:33:37.000" - ], - [ - "wait-on", - 1.7479452055, - "2023-09-20T14:27:15.000" - ], - [ - "wait-on", - 2.6602739726, - "2024-03-10T21:51:53.000" - ], - [ - "webpack", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "yup", - 0.0, - "2025-03-01T04:33:37.000" - ], - [ - "yup", - 2.2657534247, - "2023-09-20T14:27:15.000" - ] + "score": 5.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "30 out of 30 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "27 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "25 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 4693137, + "CodeBytes": 0, + "Lines": 122699, + "Code": 107771, + "Comment": 4372, + "Blank": 10556, + "Complexity": 9041, + "Count": 834, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 7579220, + "CodeBytes": 0, + "Lines": 211588, + "Code": 187031, + "Comment": 4770, + "Blank": 19787, + "Complexity": 34803, + "Count": 616, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 691357, + "CodeBytes": 0, + "Lines": 14842, + "Code": 12991, + "Comment": 609, + "Blank": 1242, + "Complexity": 68, + "Count": 375, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 53083, + "CodeBytes": 0, + "Lines": 2876, + "Code": 2405, + "Comment": 36, + "Blank": 435, + "Complexity": 0, + "Count": 89, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "GraphQL", + "Bytes": 157337, + "CodeBytes": 0, + "Lines": 4675, + "Code": 3508, + "Comment": 688, + "Blank": 479, + "Complexity": 289, + "Count": 68, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 134610, + "CodeBytes": 0, + "Lines": 2773, + "Code": 1969, + "Comment": 0, + "Blank": 804, + "Complexity": 0, + "Count": 40, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 25039, + "CodeBytes": 0, + "Lines": 926, + "Code": 765, + "Comment": 16, + "Blank": 145, + "Complexity": 0, + "Count": 38, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 120214, + "CodeBytes": 0, + "Lines": 4021, + "Code": 2745, + "Comment": 352, + "Blank": 924, + "Complexity": 25, + "Count": 35, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 469525, + "CodeBytes": 0, + "Lines": 11857, + "Code": 11853, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 19072, + "CodeBytes": 0, + "Lines": 637, + "Code": 400, + "Comment": 121, + "Blank": 116, + "Complexity": 49, + "Count": 21, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 52562, + "CodeBytes": 0, + "Lines": 1628, + "Code": 1407, + "Comment": 104, + "Blank": 117, + "Complexity": 0, + "Count": 18, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 11498, + "CodeBytes": 0, + "Lines": 315, + "Code": 170, + "Comment": 86, + "Blank": 59, + "Complexity": 20, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go Template", + "Bytes": 1497, + "CodeBytes": 0, + "Lines": 104, + "Code": 103, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 5381, + "CodeBytes": 0, + "Lines": 186, + "Code": 152, + "Comment": 15, + "Blank": 19, + "Complexity": 1, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 171, + "CodeBytes": 0, + "Lines": 16, + "Code": 8, + "Comment": 4, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 1271, + "CodeBytes": 0, + "Lines": 49, + "Code": 32, + "Comment": 4, + "Blank": 13, + "Complexity": 5, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11357, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 57, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 13135, + "CodeBytes": 0, + "Lines": 482, + "Code": 439, + "Comment": 16, + "Blank": 27, + "Complexity": 17, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 316, + "CodeBytes": 0, + "Lines": 15, + "Code": 15, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 11000356.775321292, + "estimatedScheduleMonths_low": 35.429203972366786, + "estimatedPeople_low": 30.247876019095912, + "estimatedCost_high": 34281916.169805355, + "estimatedScheduleMonths_high": 35.429203972366786, + "estimatedPeople_high": 30.247876019095912, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 834 122699 10556 4372 107771 9041\n(ULOC) 50713\n-------------------------------------------------------------------------------\nGo 616 211588 19787 4770 187031 34803\n(ULOC) 46504\n-------------------------------------------------------------------------------\nSQL 375 14842 1242 609 12991 68\n(ULOC) 7070\n-------------------------------------------------------------------------------\nSass 89 2876 435 36 2405 0\n(ULOC) 1437\n-------------------------------------------------------------------------------\nGraphQL 68 4675 479 688 3508 289\n(ULOC) 2432\n-------------------------------------------------------------------------------\nMarkdown 40 2773 804 0 1969 0\n(ULOC) 1758\n-------------------------------------------------------------------------------\nHTML 38 926 145 16 765 0\n(ULOC) 465\n-------------------------------------------------------------------------------\nJavaScript 35 4021 924 352 2745 25\n(ULOC) 1559\n-------------------------------------------------------------------------------\nJSON 31 11857 4 0 11853 0\n(ULOC) 4895\n-------------------------------------------------------------------------------\nBASH 21 637 116 121 400 49\n(ULOC) 406\n-------------------------------------------------------------------------------\nYAML 18 1628 117 104 1407 0\n(ULOC) 851\n-------------------------------------------------------------------------------\nShell 15 315 59 86 170 20\n(ULOC) 209\n-------------------------------------------------------------------------------\nGo Template 6 104 1 0 103 0\n(ULOC) 57\n-------------------------------------------------------------------------------\nTypeScript Typings 5 186 19 15 152 1\n(ULOC) 154\n-------------------------------------------------------------------------------\nDocker ignore 1 16 4 4 8 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDockerfile 1 49 13 4 32 5\n(ULOC) 36\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nPlain Text 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nRuby 1 482 27 16 439 17\n(ULOC) 303\n-------------------------------------------------------------------------------\nTOML 1 15 0 0 15 0\n(ULOC) 8\n───────────────────────────────────────────────────────────────────────────────\nTotal 2197 379892 34764 11193 333935 44318\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 117791\nDRYness % 0.31\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $12,062,584\nEstimated Schedule Effort (organic) 35.43 months\nEstimated People Required (organic) 30.25\n───────────────────────────────────────────────────────────────────────────────\nProcessed 14039839 bytes, 14.040 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 4693137, + "Go": 1697715, + "JavaScript": 120214, + "SCSS": 53083, + "PLpgSQL": 51293, + "Shell": 30570, + "HTML": 25039, + "Ruby": 13135, + "Dockerfile": 1271 + }, + "average_issue_resolution_time": [ + [ + "mint-app", + "00:04:44.780488" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@apollo/client", + -0.0739726027, + "2024-10-16T20:27:46.000" + ], + [ + "@apollo/client", + -0.002739726, + "2023-09-20T14:27:15.000" + ], + [ + "@apollo/client", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@apollo/client", + 0.0931506849, + "2024-06-08T13:54:33.000" + ], + [ + "@apollo/client", + 0.3260273973, + "2024-08-16T04:24:09.000" + ], + [ + "@apollo/react-testing", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "@babel/core", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@babel/plugin-syntax-class-properties", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@babel/preset-env", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@craco/craco", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "@cypress/code-coverage", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "@cypress/code-coverage", + 0.2082191781, + "2025-03-01T04:33:37.000" + ], + [ + "@cypress/webpack-preprocessor", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@cypress/webpack-preprocessor", + 0.3287671233, + "2023-09-20T14:27:15.000" + ], + [ + "@graphql-codegen/cli", + -0.0849315068, + "2023-09-20T14:27:15.000" + ], + [ + "@graphql-codegen/cli", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "@graphql-codegen/cli", + 0.3506849315, + "2025-03-01T04:33:37.000" + ], + [ + "@graphql-codegen/cli", + 0.5369863014, + "2024-03-10T21:51:53.000" + ], + [ + "@graphql-codegen/cli", + 0.6684931507, + "2024-10-16T20:27:46.000" + ], + [ + "@graphql-codegen/client-preset", + -0.1397260274, + "2023-09-20T14:27:15.000" + ], + [ + "@graphql-codegen/client-preset", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@graphql-codegen/client-preset", + 0.5808219178, + "2024-03-10T21:51:53.000" + ], + [ + "@graphql-codegen/client-preset", + 0.8136986301, + "2024-06-08T13:54:33.000" + ], + [ + "@graphql-codegen/client-preset", + 1.0109589041, + "2024-08-16T04:24:09.000" + ], + [ + "@graphql-codegen/client-preset", + 1.2054794521, + "2024-10-16T20:27:46.000" + ], + [ + "@graphql-codegen/introspection", + -1.0, + "2025-03-01T04:33:37.000" + ], + [ + "@graphql-codegen/introspection", + 0.0383561644, + "2024-10-16T20:27:46.000" + ], + [ + "@graphql-codegen/introspection", + 0.7452054795, + "2024-03-10T21:51:53.000" + ], + [ + "@graphql-codegen/typed-document-node", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@graphql-codegen/typed-document-node", + 0.2657534247, + "2024-10-16T20:27:46.000" + ], + [ + "@graphql-codegen/typescript-react-apollo", + -0.4739726027, + "2025-03-01T04:33:37.000" + ], + [ + "@graphql-codegen/typescript-react-apollo", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "@json2csv/formatters", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@json2csv/plainjs", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@json2csv/transforms", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@okta/okta-auth-js", + 0.8547945205, + "2023-08-14T17:10:02.000" + ], + [ + "@okta/okta-auth-js", + 0.9342465753, + "2023-09-20T14:27:15.000" + ], + [ + "@okta/okta-auth-js", + 1.3452054795, + "2024-03-10T21:51:53.000" + ], + [ + "@okta/okta-auth-js", + 1.6657534247, + "2024-08-16T04:24:09.000" + ], + [ + "@okta/okta-auth-js", + 1.9342465753, + "2024-10-16T20:27:46.000" + ], + [ + "@okta/okta-auth-js", + 2.4383561644, + "2025-03-01T04:33:37.000" + ], + [ + "@okta/okta-react", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@okta/okta-signin-widget", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@okta/okta-signin-widget", + 0.5342465753, + "2024-03-10T21:51:53.000" + ], + [ + "@okta/okta-signin-widget", + 0.7671232877, + "2023-08-14T17:10:02.000" + ], + [ + "@okta/okta-signin-widget", + 0.8630136986, + "2023-09-14T02:10:47.000" + ], + [ + "@okta/okta-signin-widget", + 0.8821917808, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/addon-actions", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/addon-actions", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/addon-actions", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/addon-actions", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/addon-actions", + 0.3863013699, + "2023-08-14T17:10:02.000" + ], + [ + "@storybook/addon-actions", + 0.4712328767, + "2023-09-14T02:10:47.000" + ], + [ + "@storybook/addon-actions", + 0.495890411, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/addon-actions", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@storybook/addon-controls", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/addon-controls", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/addon-controls", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/addon-controls", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/addon-controls", + 0.3863013699, + "2023-08-14T17:10:02.000" + ], + [ + "@storybook/addon-controls", + 0.4712328767, + "2023-09-14T02:10:47.000" + ], + [ + "@storybook/addon-controls", + 0.495890411, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/addon-controls", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@storybook/addon-essentials", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/addon-essentials", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/addon-essentials", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/addon-essentials", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/addon-essentials", + 0.3863013699, + "2023-08-14T17:10:02.000" + ], + [ + "@storybook/addon-essentials", + 0.4712328767, + "2023-09-14T02:10:47.000" + ], + [ + "@storybook/addon-essentials", + 0.495890411, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/addon-essentials", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@storybook/addon-links", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/addon-links", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/addon-links", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/addon-links", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/addon-links", + 0.3863013699, + "2023-08-14T17:10:02.000" + ], + [ + "@storybook/addon-links", + 0.4712328767, + "2023-09-14T02:10:47.000" + ], + [ + "@storybook/addon-links", + 0.495890411, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/addon-links", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@storybook/node-logger", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/node-logger", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/node-logger", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/node-logger", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/node-logger", + 0.3863013699, + "2023-08-14T17:10:02.000" + ], + [ + "@storybook/node-logger", + 0.4712328767, + "2023-09-14T02:10:47.000" + ], + [ + "@storybook/node-logger", + 0.495890411, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/node-logger", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@storybook/react", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/react", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/react", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/react", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/react", + 0.3863013699, + "2023-08-14T17:10:02.000" + ], + [ + "@storybook/react", + 0.4712328767, + "2023-09-14T02:10:47.000" + ], + [ + "@storybook/react", + 0.495890411, + "2023-09-20T14:27:15.000" + ], + [ + "@storybook/react", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@storybook/react-vite", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@storybook/react-vite", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "@storybook/react-vite", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@storybook/react-vite", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "@storybook/react-vite", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "@testing-library/jest-dom", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@testing-library/jest-dom", + 0.0712328767, + "2023-08-14T17:10:02.000" + ], + [ + "@testing-library/jest-dom", + 0.1342465753, + "2023-09-20T14:27:15.000" + ], + [ + "@testing-library/jest-dom", + 0.5534246575, + "2024-03-10T21:51:53.000" + ], + [ + "@testing-library/react", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@testing-library/react", + 1.6931506849, + "2023-09-20T14:27:15.000" + ], + [ + "@testing-library/react", + 2.1452054795, + "2024-08-16T04:24:09.000" + ], + [ + "@testing-library/react", + 2.3835616438, + "2024-10-16T20:27:46.000" + ], + [ + "@testing-library/react", + 2.6520547945, + "2024-03-10T21:51:53.000" + ], + [ + "@testing-library/user-event", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@testing-library/user-event", + 0.8054794521, + "2023-09-14T02:10:47.000" + ], + [ + "@testing-library/user-event", + 1.9095890411, + "2023-09-20T14:27:15.000" + ], + [ + "@testing-library/user-event", + 2.1945205479, + "2024-03-10T21:51:53.000" + ], + [ + "@tiptap/core", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/core", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/extension-character-count", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/extension-character-count", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/extension-document", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/extension-document", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/extension-mention", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/extension-mention", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/extension-paragraph", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/extension-paragraph", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/extension-text", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/extension-text", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/extension-text-style", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/pm", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/pm", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/react", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/react", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/starter-kit", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/starter-kit", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@tiptap/suggestion", + -0.0684931507, + "2024-06-08T13:54:33.000" + ], + [ + "@tiptap/suggestion", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@trussworks/react-uswds", + 0.1561643836, + "2024-03-10T21:51:53.000" + ], + [ + "@trussworks/react-uswds", + 0.197260274, + "2024-08-16T04:24:09.000" + ], + [ + "@trussworks/react-uswds", + 0.6328767123, + "2025-03-01T04:33:37.000" + ], + [ + "@trussworks/react-uswds", + 1.2547945205, + "2023-08-14T17:10:02.000" + ], + [ + "@trussworks/react-uswds", + 1.402739726, + "2023-09-20T14:27:15.000" + ], + [ + "@types/apollo-upload-client", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "@types/apollo-upload-client", + 0.1452054795, + "2025-03-01T04:33:37.000" + ], + [ + "@types/enzyme", + 1.7753424658, + "2023-09-20T14:27:15.000" + ], + [ + "@types/enzyme", + 2.4136986301, + "2024-10-16T20:27:46.000" + ], + [ + "@types/jest", + 2.2054794521, + "2023-08-14T17:10:02.000" + ], + [ + "@types/jest", + 2.3232876712, + "2023-09-14T02:10:47.000" + ], + [ + "@types/jest", + 2.3890410959, + "2023-09-20T14:27:15.000" + ], + [ + "@types/jest", + 2.7698630137, + "2024-08-16T04:24:09.000" + ], + [ + "@types/jest", + 3.3835616438, + "2024-10-16T20:27:46.000" + ], + [ + "@types/jest", + 3.4931506849, + "2025-03-01T04:33:37.000" + ], + [ + "@types/json2csv", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/lodash", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/luxon", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/luxon", + 2.0383561644, + "2023-08-14T17:10:02.000" + ], + [ + "@types/luxon", + 2.1479452055, + "2023-09-20T14:27:15.000" + ], + [ + "@types/luxon", + 2.5369863014, + "2024-03-10T21:51:53.000" + ], + [ + "@types/no-scroll", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/node", + 2.1287671233, + "2023-08-14T17:10:02.000" + ], + [ + "@types/node", + 2.2, + "2023-09-14T02:10:47.000" + ], + [ + "@types/node", + 2.2328767123, + "2023-09-20T14:27:15.000" + ], + [ + "@types/node", + 2.6931506849, + "2024-03-10T21:51:53.000" + ], + [ + "@types/node", + 2.9424657534, + "2024-06-08T13:54:33.000" + ], + [ + "@types/node", + 3.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "@types/node", + 3.2821917808, + "2024-10-16T20:27:46.000" + ], + [ + "@types/node", + 3.6794520548, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react", + 2.1671232877, + "2023-08-14T17:10:02.000" + ], + [ + "@types/react", + 2.202739726, + "2023-09-14T02:10:47.000" + ], + [ + "@types/react", + 2.2767123288, + "2023-09-20T14:27:15.000" + ], + [ + "@types/react", + 2.7424657534, + "2024-03-10T21:51:53.000" + ], + [ + "@types/react", + 2.9561643836, + "2024-08-16T04:24:09.000" + ], + [ + "@types/react", + 3.3178082192, + "2024-10-16T20:27:46.000" + ], + [ + "@types/react", + 3.6931506849, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-autosuggest", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-autosuggest", + 0.1397260274, + "2024-03-10T21:51:53.000" + ], + [ + "@types/react-csv", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "@types/react-dom", + 0.1863013699, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-dom", + 2.0657534247, + "2023-09-20T14:27:15.000" + ], + [ + "@types/react-dom", + 2.7178082192, + "2024-03-10T21:51:53.000" + ], + [ + "@types/react-dom", + 2.8547945205, + "2024-08-16T04:24:09.000" + ], + [ + "@types/react-dom", + 3.3178082192, + "2024-10-16T20:27:46.000" + ], + [ + "@types/react-modal", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-redux", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-router-dom", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-table", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/react-test-renderer", + -0.002739726, + "2024-03-10T21:51:53.000" + ], + [ + "@types/react-test-renderer", + 0.4246575342, + "2024-10-16T20:27:46.000" + ], + [ + "@types/react-test-renderer", + 1.0383561644, + "2025-03-01T04:33:37.000" + ], + [ + "@types/redux-mock-store", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/redux-saga-routines", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/sinon", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "@types/sinon", + 0.2273972603, + "2024-10-16T20:27:46.000" + ], + [ + "@types/sinon", + 1.3479452055, + "2025-03-01T04:33:37.000" + ], + [ + "@types/text-encoding", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@types/yup", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "@uswds/uswds", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@vitejs/plugin-react", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "@vitest/coverage-v8", + 0.3945205479, + "2024-03-10T21:51:53.000" + ], + [ + "@vitest/coverage-v8", + 0.5945205479, + "2024-06-08T13:54:33.000" + ], + [ + "@vitest/coverage-v8", + 0.8383561644, + "2024-08-16T04:24:09.000" + ], + [ + "@vitest/coverage-v8", + 1.0438356164, + "2024-10-16T20:27:46.000" + ], + [ + "@vitest/coverage-v8", + 1.4082191781, + "2025-03-01T04:33:37.000" + ], + [ + "@wojtekmaj/enzyme-adapter-react-17", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "apollo", + 0.0, + "2024-06-08T13:54:33.000" + ], + [ + "apollo-link", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "apollo-link-error", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "apollo-upload-client", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "apollo-upload-client", + 1.8767123288, + "2025-03-01T04:33:37.000" + ], + [ + "autoprefixer", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "axios", + -0.0493150685, + "2024-03-10T21:51:53.000" + ], + [ + "axios", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "axios", + 1.0, + "2023-08-14T17:10:02.000" + ], + [ + "axios", + 1.3315068493, + "2023-09-20T14:27:15.000" + ], + [ + "babel-loader", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "babel-loader", + 0.4493150685, + "2025-03-01T04:33:37.000" + ], + [ + "babel-loader", + 3.295890411, + "2023-09-20T14:27:15.000" + ], + [ + "classnames", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "cross-fetch", + -0.002739726, + "2025-03-01T04:33:37.000" + ], + [ + "cross-fetch", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "cypress", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "cypress", + 0.0739726027, + "2024-06-08T13:54:33.000" + ], + [ + "cypress", + 0.1917808219, + "2025-03-01T04:33:37.000" + ], + [ + "cypress", + 0.2684931507, + "2024-08-16T04:24:09.000" + ], + [ + "cypress", + 0.3452054795, + "2023-08-14T17:10:02.000" + ], + [ + "cypress", + 0.3835616438, + "2024-10-16T20:27:46.000" + ], + [ + "cypress-file-upload", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "cypress-otp", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "detect-browser", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "enzyme", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "enzyme-to-json", + 0.0, + "2023-08-14T17:10:02.000" + ], + [ + "eslint", + 0.0493150685, + "2024-10-16T20:27:46.000" + ], + [ + "eslint", + 0.4328767123, + "2025-03-01T04:33:37.000" + ], + [ + "eslint", + 2.0301369863, + "2023-08-14T17:10:02.000" + ], + [ + "eslint", + 2.1068493151, + "2023-09-20T14:27:15.000" + ], + [ + "eslint", + 2.5671232877, + "2024-03-10T21:51:53.000" + ], + [ + "eslint", + 2.8356164384, + "2024-06-08T13:54:33.000" + ], + [ + "eslint", + 3.0273972603, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-config-airbnb", + 1.1315068493, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-config-prettier", + 0.0054794521, + "2023-09-20T14:27:15.000" + ], + [ + "eslint-config-prettier", + 0.3315068493, + "2024-10-16T20:27:46.000" + ], + [ + "eslint-config-prettier", + 1.5698630137, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-config-react-app", + -2.8493150685, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-config-react-app", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "eslint-plugin-cypress", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "eslint-plugin-cypress", + 0.0520547945, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-plugin-cypress", + 0.1178082192, + "2024-06-08T13:54:33.000" + ], + [ + "eslint-plugin-cypress", + 0.3232876712, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-plugin-jsx-a11y", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-plugin-prettier", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-plugin-prettier", + 1.8876712329, + "2023-09-20T14:27:15.000" + ], + [ + "eslint-plugin-prettier", + 2.3890410959, + "2024-06-08T13:54:33.000" + ], + [ + "eslint-plugin-prettier", + 2.9068493151, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-plugin-react", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-plugin-react-hooks", + -0.2082191781, + "2024-03-10T21:51:53.000" + ], + [ + "eslint-plugin-react-hooks", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "eslint-plugin-react-hooks", + 0.4575342466, + "2024-10-16T20:27:46.000" + ], + [ + "eslint-plugin-react-hooks", + 0.8410958904, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-plugin-simple-import-sort", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "eslint-plugin-simple-import-sort", + 2.1369863014, + "2023-09-20T14:27:15.000" + ], + [ + "eslint-plugin-simple-import-sort", + 3.1726027397, + "2024-03-10T21:51:53.000" + ], + [ + "eslint-plugin-simple-import-sort", + 3.3452054795, + "2024-06-08T13:54:33.000" + ], + [ + "eslint-plugin-simple-import-sort", + 3.5643835616, + "2024-08-16T04:24:09.000" + ], + [ + "font-awesome", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "formik", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "glob", + -0.002739726, + "2024-10-16T20:27:46.000" + ], + [ + "glob", + 0.0, + "2024-06-08T13:54:33.000" + ], + [ + "glob", + 0.504109589, + "2025-03-01T04:33:37.000" + ], + [ + "graphql", + -0.002739726, + "2024-10-16T20:27:46.000" + ], + [ + "graphql", + 0.4821917808, + "2025-03-01T04:33:37.000" + ], + [ + "graphql", + 1.5397260274, + "2023-08-14T17:10:02.000" + ], + [ + "graphql", + 1.6849315068, + "2023-09-14T02:10:47.000" + ], + [ + "graphql", + 1.7808219178, + "2024-06-08T13:54:33.000" + ], + [ + "graphql-schema-linter", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "html-react-parser", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "i18next", + 0.0493150685, + "2024-03-10T21:51:53.000" + ], + [ + "i18next", + 0.1780821918, + "2025-03-01T04:33:37.000" + ], + [ + "i18next", + 0.2520547945, + "2024-06-08T13:54:33.000" + ], + [ + "i18next", + 0.4904109589, + "2024-08-16T04:24:09.000" + ], + [ + "i18next", + 0.6493150685, + "2024-10-16T20:27:46.000" + ], + [ + "i18next", + 2.4164383562, + "2023-08-14T17:10:02.000" + ], + [ + "i18next", + 2.498630137, + "2023-09-20T14:27:15.000" + ], + [ + "i18next-browser-languagedetector", + 2.8904109589, + "2023-09-20T14:27:15.000" + ], + [ + "i18next-browser-languagedetector", + 3.2657534247, + "2024-03-10T21:51:53.000" + ], + [ + "i18next-browser-languagedetector", + 3.7671232877, + "2024-10-16T20:27:46.000" + ], + [ + "i18next-browser-languagedetector", + 4.5452054795, + "2025-03-01T04:33:37.000" + ], + [ + "istanbul-lib-coverage", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "jest-canvas-mock", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "jest-launchdarkly-mock", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "jest-launchdarkly-mock", + 1.3369863014, + "2023-09-20T14:27:15.000" + ], + [ + "js-base64", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "jsdom", + 0.298630137, + "2025-03-01T04:33:37.000" + ], + [ + "jsdom", + 0.6547945205, + "2024-03-10T21:51:53.000" + ], + [ + "jsdom", + 0.997260274, + "2024-06-08T13:54:33.000" + ], + [ + "jsdom", + 1.1506849315, + "2024-08-16T04:24:09.000" + ], + [ + "jsdom", + 1.3232876712, + "2024-10-16T20:27:46.000" + ], + [ + "json2csv", + 0.9068493151, + "2023-09-14T02:10:47.000" + ], + [ + "launchdarkly-react-client-sdk", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "launchdarkly-react-client-sdk", + 0.304109589, + "2024-03-10T21:51:53.000" + ], + [ + "launchdarkly-react-client-sdk", + 0.5616438356, + "2023-08-14T17:10:02.000" + ], + [ + "launchdarkly-react-client-sdk", + 0.6657534247, + "2023-09-20T14:27:15.000" + ], + [ + "lodash", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "luxon", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "luxon", + 0.5917808219, + "2023-08-14T17:10:02.000" + ], + [ + "luxon", + 0.6657534247, + "2023-09-20T14:27:15.000" + ], + [ + "luxon", + 0.8547945205, + "2024-03-10T21:51:53.000" + ], + [ + "markdown-spellcheck", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "no-scroll", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "nyc", + 0.0, + "2024-06-08T13:54:33.000" + ], + [ + "nyc", + 4.0246575342, + "2024-08-16T04:24:09.000" + ], + [ + "nyc", + 4.304109589, + "2025-03-01T04:33:37.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "prettier", + 0.2767123288, + "2023-08-14T17:10:02.000" + ], + [ + "prettier", + 0.3506849315, + "2023-09-20T14:27:15.000" + ], + [ + "prettier", + 0.7835616438, + "2024-03-10T21:51:53.000" + ], + [ + "prettier", + 1.1205479452, + "2024-06-08T13:54:33.000" + ], + [ + "prettier", + 1.2246575342, + "2024-08-16T04:24:09.000" + ], + [ + "react", + 0.6109589041, + "2025-03-01T04:33:37.000" + ], + [ + "react", + 1.2273972603, + "2024-03-10T21:51:53.000" + ], + [ + "react", + 3.095890411, + "2024-10-16T20:27:46.000" + ], + [ + "react-autosuggest", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-dom", + 0.6109589041, + "2025-03-01T04:33:37.000" + ], + [ + "react-dom", + 1.2273972603, + "2024-03-10T21:51:53.000" + ], + [ + "react-dom", + 3.095890411, + "2024-10-16T20:27:46.000" + ], + [ + "react-ga4", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-hook-form", + -0.1780821918, + "2025-03-01T04:33:37.000" + ], + [ + "react-i18next", + 0.3068493151, + "2024-03-10T21:51:53.000" + ], + [ + "react-i18next", + 0.5150684932, + "2024-06-08T13:54:33.000" + ], + [ + "react-i18next", + 0.7260273973, + "2024-08-16T04:24:09.000" + ], + [ + "react-i18next", + 0.9068493151, + "2024-10-16T20:27:46.000" + ], + [ + "react-i18next", + 1.2602739726, + "2025-03-01T04:33:37.000" + ], + [ + "react-i18next", + 2.2136986301, + "2023-08-14T17:10:02.000" + ], + [ + "react-i18next", + 2.2739726027, + "2023-09-20T14:27:15.000" + ], + [ + "react-idle-timer", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-media", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-modal", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-paginate", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "react-redux", + 0.8465753425, + "2023-09-20T14:27:15.000" + ], + [ + "react-redux", + 1.304109589, + "2024-03-10T21:51:53.000" + ], + [ + "react-redux", + 1.6054794521, + "2024-10-16T20:27:46.000" + ], + [ + "react-redux", + 2.2164383562, + "2025-03-01T04:33:37.000" + ], + [ + "react-router-dom", + 0.8520547945, + "2023-08-14T17:10:02.000" + ], + [ + "react-router-dom", + 0.9452054795, + "2023-09-20T14:27:15.000" + ], + [ + "react-router-dom", + 1.4273972603, + "2024-03-10T21:51:53.000" + ], + [ + "react-router-dom", + 1.6054794521, + "2024-06-08T13:54:33.000" + ], + [ + "react-router-dom", + 1.8684931507, + "2024-08-16T04:24:09.000" + ], + [ + "react-router-dom", + 2.0273972603, + "2024-10-16T20:27:46.000" + ], + [ + "react-router-dom", + 2.3835616438, + "2025-03-01T04:33:37.000" + ], + [ + "react-scripts", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "react-select", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "react-select", + 0.1178082192, + "2025-03-01T04:33:37.000" + ], + [ + "react-select-event", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-table", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "react-test-renderer", + 1.6657534247, + "2024-03-10T21:51:53.000" + ], + [ + "react-test-renderer", + 3.5315068493, + "2024-10-16T20:27:46.000" + ], + [ + "react-test-renderer", + 4.1424657534, + "2025-03-01T04:33:37.000" + ], + [ + "react-to-print", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "react-to-print", + 0.6273972603, + "2024-10-16T20:27:46.000" + ], + [ + "react-to-print", + 0.9534246575, + "2025-03-01T04:33:37.000" + ], + [ + "redux", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "redux", + 0.898630137, + "2025-03-01T04:33:37.000" + ], + [ + "redux-actions", + 3.9452054795, + "2024-06-08T13:54:33.000" + ], + [ + "redux-actions", + 5.3835616438, + "2025-03-01T04:33:37.000" + ], + [ + "redux-devtools-extension", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "redux-mock-store", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "redux-saga", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "redux-saga-routines", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "regenerator-runtime", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "sass", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "sass-loader", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "sass-loader", + 0.1506849315, + "2024-03-10T21:51:53.000" + ], + [ + "sass-loader", + 0.3068493151, + "2024-06-08T13:54:33.000" + ], + [ + "sass-loader", + 0.5835616438, + "2024-08-16T04:24:09.000" + ], + [ + "sass-loader", + 0.7369863014, + "2024-10-16T20:27:46.000" + ], + [ + "sass-loader", + 1.1397260274, + "2025-03-01T04:33:37.000" + ], + [ + "sass-resources-loader", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "sinon", + 0.2328767123, + "2023-09-20T14:27:15.000" + ], + [ + "sinon", + 0.3643835616, + "2024-03-10T21:51:53.000" + ], + [ + "sinon", + 0.901369863, + "2024-08-16T04:24:09.000" + ], + [ + "sinon", + 1.2328767123, + "2025-03-01T04:33:37.000" + ], + [ + "start-server-and-test", + 0.0, + "2023-09-20T14:27:15.000" + ], + [ + "start-server-and-test", + 0.7178082192, + "2024-03-10T21:51:53.000" + ], + [ + "start-server-and-test", + 1.2712328767, + "2024-06-08T13:54:33.000" + ], + [ + "start-server-and-test", + 1.4191780822, + "2024-08-16T04:24:09.000" + ], + [ + "start-server-and-test", + 1.5534246575, + "2024-10-16T20:27:46.000" + ], + [ + "start-server-and-test", + 1.8821917808, + "2025-03-01T04:33:37.000" + ], + [ + "storybook", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "storybook", + 0.095890411, + "2024-06-08T13:54:33.000" + ], + [ + "storybook", + 0.1342465753, + "2024-08-16T04:24:09.000" + ], + [ + "storybook", + 0.2767123288, + "2024-10-16T20:27:46.000" + ], + [ + "storybook", + 0.6821917808, + "2025-03-01T04:33:37.000" + ], + [ + "storybook-addon-apollo-client", + 0.0, + "2024-03-10T21:51:53.000" + ], + [ + "storybook-addon-apollo-client", + 0.2465753425, + "2023-09-20T14:27:15.000" + ], + [ + "storybook-addon-apollo-client", + 0.8356164384, + "2024-10-16T20:27:46.000" + ], + [ + "storybook-addon-apollo-client", + 1.6602739726, + "2025-03-01T04:33:37.000" + ], + [ + "subscriptions-transport-ws", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "text-encoding", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "tippy.js", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "ts-loader", + 3.0931506849, + "2023-09-20T14:27:15.000" + ], + [ + "ts-loader", + 3.4767123288, + "2024-10-16T20:27:46.000" + ], + [ + "ts-loader", + 4.6383561644, + "2025-03-01T04:33:37.000" + ], + [ + "ts-node", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "typescript", + -0.002739726, + "2025-03-01T04:33:37.000" + ], + [ + "typescript", + 0.4082191781, + "2023-08-14T17:10:02.000" + ], + [ + "typescript", + 0.5616438356, + "2023-09-20T14:27:15.000" + ], + [ + "typescript", + 1.095890411, + "2024-03-10T21:51:53.000" + ], + [ + "typescript", + 1.1917808219, + "2024-06-08T13:54:33.000" + ], + [ + "typescript", + 1.4767123288, + "2024-08-16T04:24:09.000" + ], + [ + "typescript", + 1.6904109589, + "2024-10-16T20:27:46.000" + ], + [ + "vite", + 0.0, + "2024-10-16T20:27:46.000" + ], + [ + "vite", + 0.0931506849, + "2025-03-01T04:33:37.000" + ], + [ + "vite", + 0.1232876712, + "2024-03-10T21:51:53.000" + ], + [ + "vite", + 0.202739726, + "2024-06-08T13:54:33.000" + ], + [ + "vite-plugin-svgr", + 0.1589041096, + "2024-10-16T20:27:46.000" + ], + [ + "vite-plugin-svgr", + 1.1178082192, + "2025-03-01T04:33:37.000" + ], + [ + "vite-tsconfig-paths", + 0.0, + "2024-06-08T13:54:33.000" + ], + [ + "vite-tsconfig-paths", + 0.402739726, + "2024-10-16T20:27:46.000" + ], + [ + "vite-tsconfig-paths", + 0.7315068493, + "2025-03-01T04:33:37.000" + ], + [ + "vitest", + 0.0575342466, + "2025-03-01T04:33:37.000" + ], + [ + "vitest", + 0.3945205479, + "2024-03-10T21:51:53.000" + ], + [ + "vitest", + 0.5945205479, + "2024-06-08T13:54:33.000" + ], + [ + "vitest", + 0.8383561644, + "2024-08-16T04:24:09.000" + ], + [ + "vitest", + 1.0438356164, + "2024-10-16T20:27:46.000" + ], + [ + "wait-on", + 0.0, + "2024-08-16T04:24:09.000" + ], + [ + "wait-on", + 0.8219178082, + "2024-10-16T20:27:46.000" + ], + [ + "wait-on", + 1.1561643836, + "2025-03-01T04:33:37.000" + ], + [ + "wait-on", + 1.7479452055, + "2023-09-20T14:27:15.000" + ], + [ + "wait-on", + 2.6602739726, + "2024-03-10T21:51:53.000" + ], + [ + "webpack", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "yup", + 0.0, + "2025-03-01T04:33:37.000" + ], + [ + "yup", + 2.2657534247, + "2023-09-20T14:27:15.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/newrelic_mysql_java_plugin/newrelic_mysql_java_plugin_data.json b/app/site/_data/CMSgov/newrelic_mysql_java_plugin/newrelic_mysql_java_plugin_data.json index a2df27e425..63645b2f05 100644 --- a/app/site/_data/CMSgov/newrelic_mysql_java_plugin/newrelic_mysql_java_plugin_data.json +++ b/app/site/_data/CMSgov/newrelic_mysql_java_plugin/newrelic_mysql_java_plugin_data.json @@ -1,353 +1,353 @@ { - "url": "https://github.com/CMSgov/newrelic_mysql_java_plugin", - "owner": "CMSgov", - "name": "newrelic_mysql_java_plugin", - "description": "MySQL Metrics Plugin", - "commits_count": 245, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 4, - "stargazers_count": 2, - "watchers_count": 32, - "total_project_lines": 2388, - "average_project_lines": 119, - "total_project_comment_lines": 263, - "average_project_comment_lines": 13, - "total_project_blank_lines": 441, - "average_blank_lines": 22, - "commits_by_month": { - "2014/10": 1, - "2014/6": 2, - "2014/5": 4, - "2014/4": 16, - "2014/3": 4, - "2014/1": 3 + "url": "https://github.com/CMSgov/newrelic_mysql_java_plugin", + "owner": "CMSgov", + "name": "newrelic_mysql_java_plugin", + "description": "MySQL Metrics Plugin", + "commits_count": 245, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 4, + "stargazers_count": 2, + "watchers_count": 32, + "total_project_lines": 2388, + "average_project_lines": 119, + "total_project_comment_lines": 263, + "average_project_comment_lines": 13, + "total_project_blank_lines": 441, + "average_blank_lines": 22, + "commits_by_month": { + "2014/10": 1, + "2014/6": 2, + "2014/5": 4, + "2014/4": 16, + "2014/3": 4, + "2014/1": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2014-10-29T12:23:48Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:54Z", + "repo": { + "name": "github.com/CMSgov/newrelic_mysql_java_plugin", + "commit": "bae6bd022cbe47133bb9a919d9fb32338b1c9327" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2014-10-29T12:23:48Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:54Z", - "repo": { - "name": "github.com/CMSgov/newrelic_mysql_java_plugin", - "commit": "bae6bd022cbe47133bb9a919d9fb32338b1c9327" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.3, - "checks": [ - { - "details": null, - "score": 6, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 79380, - "CodeBytes": 0, - "Lines": 1765, - "Code": 1253, - "Comment": 262, - "Blank": 250, - "Complexity": 135, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 5429, - "CodeBytes": 0, - "Lines": 37, - "Code": 37, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 17083, - "CodeBytes": 0, - "Lines": 364, - "Code": 210, - "Comment": 0, - "Blank": 154, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 5506, - "CodeBytes": 0, - "Lines": 110, - "Code": 87, - "Comment": 0, - "Blank": 23, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 1075, - "CodeBytes": 0, - "Lines": 21, - "Code": 17, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 324, - "CodeBytes": 0, - "Lines": 4, - "Code": 4, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 3981, - "CodeBytes": 0, - "Lines": 87, - "Code": 76, - "Comment": 1, - "Blank": 10, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 42581.49697298271, - "estimatedScheduleMonths_low": 4.292702321845686, - "estimatedPeople_low": 0.9663615905050673, - "estimatedCost_high": 132702.54223822462, - "estimatedScheduleMonths_high": 4.292702321845686, - "estimatedPeople_high": 0.9663615905050673, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 10 1765 250 262 1253 135\n(ULOC) 1057\n-------------------------------------------------------------------------------\nJSON 3 37 0 0 37 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nMarkdown 2 364 154 0 210 0\n(ULOC) 174\n-------------------------------------------------------------------------------\nPlain Text 2 110 23 0 87 0\n(ULOC) 88\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nSQL 1 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nXML 1 87 10 1 76 0\n(ULOC) 73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 20 2388 441 263 1684 135\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1426\nDRYness % 0.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $46,693\nEstimated Schedule Effort (organic) 4.29 months\nEstimated People Required (organic) 0.97\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 112778 bytes, 0.113 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.3, + "checks": [ + { + "details": null, + "score": 6, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 79380, + "CodeBytes": 0, + "Lines": 1765, + "Code": 1253, + "Comment": 262, + "Blank": 250, + "Complexity": 135, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 5429, + "CodeBytes": 0, + "Lines": 37, + "Code": 37, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 17083, + "CodeBytes": 0, + "Lines": 364, + "Code": 210, + "Comment": 0, + "Blank": 154, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 5506, + "CodeBytes": 0, + "Lines": 110, + "Code": 87, + "Comment": 0, + "Blank": 23, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 1075, + "CodeBytes": 0, + "Lines": 21, + "Code": 17, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 324, + "CodeBytes": 0, + "Lines": 4, + "Code": 4, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 3981, + "CodeBytes": 0, + "Lines": 87, + "Code": 76, + "Comment": 1, + "Blank": 10, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 42581.49697298271, + "estimatedScheduleMonths_low": 4.292702321845686, + "estimatedPeople_low": 0.9663615905050673, + "estimatedCost_high": 132702.54223822462, + "estimatedScheduleMonths_high": 4.292702321845686, + "estimatedPeople_high": 0.9663615905050673, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 10 1765 250 262 1253 135\n(ULOC) 1057\n-------------------------------------------------------------------------------\nJSON 3 37 0 0 37 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nMarkdown 2 364 154 0 210 0\n(ULOC) 174\n-------------------------------------------------------------------------------\nPlain Text 2 110 23 0 87 0\n(ULOC) 88\n-------------------------------------------------------------------------------\nLicense 1 21 4 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nSQL 1 4 0 0 4 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nXML 1 87 10 1 76 0\n(ULOC) 73\n───────────────────────────────────────────────────────────────────────────────\nTotal 20 2388 441 263 1684 135\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1426\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $46,693\nEstimated Schedule Effort (organic) 4.29 months\nEstimated People Required (organic) 0.97\n───────────────────────────────────────────────────────────────────────────────\nProcessed 112778 bytes, 0.113 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/nimbus-pub-code-scanning-1/nimbus-pub-code-scanning-1_data.json b/app/site/_data/CMSgov/nimbus-pub-code-scanning-1/nimbus-pub-code-scanning-1_data.json index 58df76cd1f..ab946c51d3 100644 --- a/app/site/_data/CMSgov/nimbus-pub-code-scanning-1/nimbus-pub-code-scanning-1_data.json +++ b/app/site/_data/CMSgov/nimbus-pub-code-scanning-1/nimbus-pub-code-scanning-1_data.json @@ -1,351 +1,351 @@ { - "url": "https://github.com/CMSgov/nimbus-pub-code-scanning-1", - "owner": "CMSgov", - "name": "nimbus-pub-code-scanning-1", - "description": null, - "commits_count": 5, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 7, - "total_project_lines": 543, - "average_project_lines": 36, - "total_project_comment_lines": 72, - "average_project_comment_lines": 5, - "total_project_blank_lines": 100, - "average_blank_lines": 7, - "commits_by_month": { - "2021/4": 1, - "2020/12": 4 + "url": "https://github.com/CMSgov/nimbus-pub-code-scanning-1", + "owner": "CMSgov", + "name": "nimbus-pub-code-scanning-1", + "description": null, + "commits_count": 5, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 7, + "total_project_lines": 543, + "average_project_lines": 36, + "total_project_comment_lines": 72, + "average_project_comment_lines": 5, + "total_project_blank_lines": 100, + "average_blank_lines": 7, + "commits_by_month": { + "2021/4": 1, + "2020/12": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2020-12-18T14:34:20Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:31Z", + "repo": { + "name": "github.com/CMSgov/nimbus-pub-code-scanning-1", + "commit": "3353b6d99e07d82c5bada6aefb8cd622ba2e302b" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2020-12-18T14:34:20Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:31Z", - "repo": { - "name": "github.com/CMSgov/nimbus-pub-code-scanning-1", - "commit": "3353b6d99e07d82c5bada6aefb8cd622ba2e302b" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.0, - "checks": [ - { - "details": null, - "score": 9, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/5 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool detected: CodeQL", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 9, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 3428, - "CodeBytes": 0, - "Lines": 145, - "Code": 108, - "Comment": 1, - "Blank": 36, - "Complexity": 27, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 388, - "CodeBytes": 0, - "Lines": 19, - "Code": 13, - "Comment": 1, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 218, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2736, - "CodeBytes": 0, - "Lines": 82, - "Code": 36, - "Comment": 34, - "Blank": 12, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 2954, - "CodeBytes": 0, - "Lines": 104, - "Code": 78, - "Comment": 0, - "Blank": 26, - "Complexity": 22, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 58, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 5770, - "CodeBytes": 0, - "Lines": 185, - "Code": 128, - "Comment": 36, - "Blank": 21, - "Complexity": 19, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 8697.698294085645, - "estimatedScheduleMonths_low": 2.3474722682891134, - "estimatedPeople_low": 0.3609552611814017, - "estimatedCost_high": 27105.82664528117, - "estimatedScheduleMonths_high": 2.3474722682891134, - "estimatedPeople_high": 0.3609552611814017, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 6 145 36 1 108 27\n(ULOC) 86\n-------------------------------------------------------------------------------\nGradle 2 19 5 1 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nProperties File 2 6 0 0 6 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 2 82 12 34 36 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nBatch 1 104 26 0 78 22\n(ULOC) 66\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nShell 1 185 21 36 128 19\n(ULOC) 137\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 15 543 100 72 371 68\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 371\nDRYness % 0.68\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,537\nEstimated Schedule Effort (organic) 2.35 months\nEstimated People Required (organic) 0.36\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 15552 bytes, 0.016 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Java": 3428 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.0, + "checks": [ + { + "details": null, + "score": 9, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/5 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool detected: CodeQL", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 9, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 3428, + "CodeBytes": 0, + "Lines": 145, + "Code": 108, + "Comment": 1, + "Blank": 36, + "Complexity": 27, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 388, + "CodeBytes": 0, + "Lines": 19, + "Code": 13, + "Comment": 1, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 218, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2736, + "CodeBytes": 0, + "Lines": 82, + "Code": 36, + "Comment": 34, + "Blank": 12, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 2954, + "CodeBytes": 0, + "Lines": 104, + "Code": 78, + "Comment": 0, + "Blank": 26, + "Complexity": 22, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 58, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 5770, + "CodeBytes": 0, + "Lines": 185, + "Code": 128, + "Comment": 36, + "Blank": 21, + "Complexity": 19, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 8697.698294085645, + "estimatedScheduleMonths_low": 2.3474722682891134, + "estimatedPeople_low": 0.3609552611814017, + "estimatedCost_high": 27105.82664528117, + "estimatedScheduleMonths_high": 2.3474722682891134, + "estimatedPeople_high": 0.3609552611814017, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 6 145 36 1 108 27\n(ULOC) 86\n-------------------------------------------------------------------------------\nGradle 2 19 5 1 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nProperties File 2 6 0 0 6 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 2 82 12 34 36 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nBatch 1 104 26 0 78 22\n(ULOC) 66\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nShell 1 185 21 36 128 19\n(ULOC) 137\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 543 100 72 371 68\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 371\nDRYness % 0.68\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,537\nEstimated Schedule Effort (organic) 2.35 months\nEstimated People Required (organic) 0.36\n───────────────────────────────────────────────────────────────────────────────\nProcessed 15552 bytes, 0.016 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 3428 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/nimbus-pub-github-action-poc/nimbus-pub-github-action-poc_data.json b/app/site/_data/CMSgov/nimbus-pub-github-action-poc/nimbus-pub-github-action-poc_data.json index 2e1c8fe0b3..d617d6fc68 100644 --- a/app/site/_data/CMSgov/nimbus-pub-github-action-poc/nimbus-pub-github-action-poc_data.json +++ b/app/site/_data/CMSgov/nimbus-pub-github-action-poc/nimbus-pub-github-action-poc_data.json @@ -1,350 +1,350 @@ { - "url": "https://github.com/CMSgov/nimbus-pub-github-action-poc", - "owner": "CMSgov", - "name": "nimbus-pub-github-action-poc", - "description": null, - "commits_count": 72, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 16, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 7, - "closed_pull_requests_count": 8, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 575, - "average_project_lines": 38, - "total_project_comment_lines": 81, - "average_project_comment_lines": 5, - "total_project_blank_lines": 108, - "average_blank_lines": 7, - "commits_by_month": { - "2021/4": 30 + "url": "https://github.com/CMSgov/nimbus-pub-github-action-poc", + "owner": "CMSgov", + "name": "nimbus-pub-github-action-poc", + "description": null, + "commits_count": 72, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 16, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 7, + "closed_pull_requests_count": 8, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 575, + "average_project_lines": 38, + "total_project_comment_lines": 81, + "average_project_comment_lines": 5, + "total_project_blank_lines": 108, + "average_blank_lines": 7, + "commits_by_month": { + "2021/4": 30 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2020-10-29T12:29:22Z", + "ossf_scorecard": { + "date": "2025-02-23T16:43:55Z", + "repo": { + "name": "github.com/CMSgov/nimbus-pub-github-action-poc", + "commit": "9d5e4468921cae999e66b79d9e3c23c3c18656e6" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2020-10-29T12:29:22Z", - "ossf_scorecard": { - "date": "2025-02-23T16:43:55Z", - "repo": { - "name": "github.com/CMSgov/nimbus-pub-github-action-poc", - "commit": "9d5e4468921cae999e66b79d9e3c23c3c18656e6" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.7, - "checks": [ - { - "details": null, - "score": 9, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/4 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 7, - "reason": "SAST tool detected but not run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 9, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Java", - "Bytes": 3479, - "CodeBytes": 0, - "Lines": 146, - "Code": 108, - "Comment": 2, - "Blank": 36, - "Complexity": 27, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gradle", - "Bytes": 388, - "CodeBytes": 0, - "Lines": 19, - "Code": 13, - "Comment": 1, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 218, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 3490, - "CodeBytes": 0, - "Lines": 106, - "Code": 49, - "Comment": 42, - "Blank": 15, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 2954, - "CodeBytes": 0, - "Lines": 104, - "Code": 78, - "Comment": 0, - "Blank": 26, - "Complexity": 22, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 329, - "CodeBytes": 0, - "Lines": 9, - "Code": 4, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 5770, - "CodeBytes": 0, - "Lines": 185, - "Code": 128, - "Comment": 36, - "Blank": 21, - "Complexity": 19, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9067.308739285427, - "estimatedScheduleMonths_low": 2.3848914416374694, - "estimatedPeople_low": 0.37039003726280273, - "estimatedCost_high": 28257.6942216356, - "estimatedScheduleMonths_high": 2.3848914416374694, - "estimatedPeople_high": 0.37039003726280273, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJava 6 146 36 2 108 27\n(ULOC) 87\n-------------------------------------------------------------------------------\nGradle 2 19 5 1 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nProperties File 2 6 0 0 6 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 2 106 15 42 49 0\n(ULOC) 88\n-------------------------------------------------------------------------------\nBatch 1 104 26 0 78 22\n(ULOC) 66\n-------------------------------------------------------------------------------\nMarkdown 1 9 5 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nShell 1 185 21 36 128 19\n(ULOC) 137\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 15 575 108 81 386 68\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 393\nDRYness % 0.68\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $9,942\nEstimated Schedule Effort (organic) 2.38 months\nEstimated People Required (organic) 0.37\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 16628 bytes, 0.017 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Java": 3479 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.7, + "checks": [ + { + "details": null, + "score": 9, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/4 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 7, + "reason": "SAST tool detected but not run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 9, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Java", + "Bytes": 3479, + "CodeBytes": 0, + "Lines": 146, + "Code": 108, + "Comment": 2, + "Blank": 36, + "Complexity": 27, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gradle", + "Bytes": 388, + "CodeBytes": 0, + "Lines": 19, + "Code": 13, + "Comment": 1, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 218, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 3490, + "CodeBytes": 0, + "Lines": 106, + "Code": 49, + "Comment": 42, + "Blank": 15, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 2954, + "CodeBytes": 0, + "Lines": 104, + "Code": 78, + "Comment": 0, + "Blank": 26, + "Complexity": 22, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 329, + "CodeBytes": 0, + "Lines": 9, + "Code": 4, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 5770, + "CodeBytes": 0, + "Lines": 185, + "Code": 128, + "Comment": 36, + "Blank": 21, + "Complexity": 19, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9067.308739285427, + "estimatedScheduleMonths_low": 2.3848914416374694, + "estimatedPeople_low": 0.37039003726280273, + "estimatedCost_high": 28257.6942216356, + "estimatedScheduleMonths_high": 2.3848914416374694, + "estimatedPeople_high": 0.37039003726280273, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 6 146 36 2 108 27\n(ULOC) 87\n-------------------------------------------------------------------------------\nGradle 2 19 5 1 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nProperties File 2 6 0 0 6 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 2 106 15 42 49 0\n(ULOC) 88\n-------------------------------------------------------------------------------\nBatch 1 104 26 0 78 22\n(ULOC) 66\n-------------------------------------------------------------------------------\nMarkdown 1 9 5 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nShell 1 185 21 36 128 19\n(ULOC) 137\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 575 108 81 386 68\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 393\nDRYness % 0.68\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,942\nEstimated Schedule Effort (organic) 2.38 months\nEstimated People Required (organic) 0.37\n───────────────────────────────────────────────────────────────────────────────\nProcessed 16628 bytes, 0.017 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 3479 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/oopc-calculations/oopc-calculations_data.json b/app/site/_data/CMSgov/oopc-calculations/oopc-calculations_data.json index 5d940fadf1..508dba2f3b 100644 --- a/app/site/_data/CMSgov/oopc-calculations/oopc-calculations_data.json +++ b/app/site/_data/CMSgov/oopc-calculations/oopc-calculations_data.json @@ -1,275 +1,275 @@ { - "url": "https://github.com/CMSgov/oopc-calculations", - "owner": "CMSgov", - "name": "oopc-calculations", - "description": "This code fragment represents the portion of programming that calculates the estimated out of pocket cost for a given household under a specific plan within the Window Shopping experience on HealthCare.gov.", - "commits_count": 3, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 1, - "forks_count": 5, - "stargazers_count": 0, - "watchers_count": 43, - "total_project_lines": 1245, - "average_project_lines": 415, - "total_project_comment_lines": 56, - "average_project_comment_lines": 19, - "total_project_blank_lines": 190, - "average_blank_lines": 63, - "commits_by_month": { - "2016/12": 3 + "url": "https://github.com/CMSgov/oopc-calculations", + "owner": "CMSgov", + "name": "oopc-calculations", + "description": "This code fragment represents the portion of programming that calculates the estimated out of pocket cost for a given household under a specific plan within the Window Shopping experience on HealthCare.gov.", + "commits_count": 3, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 1, + "forks_count": 5, + "stargazers_count": 0, + "watchers_count": 43, + "total_project_lines": 1245, + "average_project_lines": 415, + "total_project_comment_lines": 56, + "average_project_comment_lines": 19, + "total_project_blank_lines": 190, + "average_blank_lines": 63, + "commits_by_month": { + "2016/12": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2016-12-08T20:13:15Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:54Z", + "repo": { + "name": "github.com/CMSgov/oopc-calculations", + "commit": "b4382cb390e5f8ca512a34d5f4b6c67bb256ef9c" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2016-12-08T20:13:15Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:54Z", - "repo": { - "name": "github.com/CMSgov/oopc-calculations", - "commit": "b4382cb390e5f8ca512a34d5f4b6c67bb256ef9c" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/2 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 1955, - "CodeBytes": 0, - "Lines": 45, - "Code": 30, - "Comment": 0, - "Blank": 15, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 35444, - "CodeBytes": 0, - "Lines": 1200, - "Code": 969, - "Comment": 56, - "Blank": 175, - "Complexity": 284, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 24609.65335088728, - "estimatedScheduleMonths_low": 3.4853541226479114, - "estimatedPeople_low": 0.687872732197018, - "estimatedCost_high": 76694.4282239833, - "estimatedScheduleMonths_high": 3.4853541226479114, - "estimatedPeople_high": 0.687872732197018, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 2 45 15 0 30 0\n(ULOC) 29\n-------------------------------------------------------------------------------\nGo 1 1200 175 56 969 284\n(ULOC) 746\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 3 1245 190 56 999 284\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 774\nDRYness % 0.62\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $26,986\nEstimated Schedule Effort (organic) 3.49 months\nEstimated People Required (organic) 0.69\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 37399 bytes, 0.037 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Go": 35444 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/2 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 1955, + "CodeBytes": 0, + "Lines": 45, + "Code": 30, + "Comment": 0, + "Blank": 15, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 35444, + "CodeBytes": 0, + "Lines": 1200, + "Code": 969, + "Comment": 56, + "Blank": 175, + "Complexity": 284, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 24609.65335088728, + "estimatedScheduleMonths_low": 3.4853541226479114, + "estimatedPeople_low": 0.687872732197018, + "estimatedCost_high": 76694.4282239833, + "estimatedScheduleMonths_high": 3.4853541226479114, + "estimatedPeople_high": 0.687872732197018, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 2 45 15 0 30 0\n(ULOC) 29\n-------------------------------------------------------------------------------\nGo 1 1200 175 56 969 284\n(ULOC) 746\n───────────────────────────────────────────────────────────────────────────────\nTotal 3 1245 190 56 999 284\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 774\nDRYness % 0.62\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $26,986\nEstimated Schedule Effort (organic) 3.49 months\nEstimated People Required (organic) 0.69\n───────────────────────────────────────────────────────────────────────────────\nProcessed 37399 bytes, 0.037 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Go": 35444 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/oracle-database-19c-cis-baseline/oracle-database-19c-cis-baseline_data.json b/app/site/_data/CMSgov/oracle-database-19c-cis-baseline/oracle-database-19c-cis-baseline_data.json index 09810b33b3..2589637589 100644 --- a/app/site/_data/CMSgov/oracle-database-19c-cis-baseline/oracle-database-19c-cis-baseline_data.json +++ b/app/site/_data/CMSgov/oracle-database-19c-cis-baseline/oracle-database-19c-cis-baseline_data.json @@ -1,305 +1,305 @@ { - "url": "https://github.com/CMSgov/oracle-database-19c-cis-baseline", - "owner": "CMSgov", - "name": "oracle-database-19c-cis-baseline", - "description": null, - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 16, - "total_project_lines": 10334, - "average_project_lines": 89, - "total_project_comment_lines": 3, - "average_project_comment_lines": 0, - "total_project_blank_lines": 428, - "average_blank_lines": 4, - "commits_by_month": { - "2022/3": 1 + "url": "https://github.com/CMSgov/oracle-database-19c-cis-baseline", + "owner": "CMSgov", + "name": "oracle-database-19c-cis-baseline", + "description": null, + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 16, + "total_project_lines": 10334, + "average_project_lines": 89, + "total_project_comment_lines": 3, + "average_project_comment_lines": 0, + "total_project_blank_lines": 428, + "average_blank_lines": 4, + "commits_by_month": { + "2022/3": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2022-03-08T17:57:39Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:19Z", + "repo": { + "name": "github.com/CMSgov/oracle-database-19c-cis-baseline", + "commit": "a04e6b53a91912ff16693bbf34fcceef8c9c345f" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2022-03-08T17:57:39Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:19Z", - "repo": { - "name": "github.com/CMSgov/oracle-database-19c-cis-baseline", - "commit": "a04e6b53a91912ff16693bbf34fcceef8c9c345f" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Ruby", - "Bytes": 358334, - "CodeBytes": 0, - "Lines": 10018, - "Code": 9630, - "Comment": 3, - "Blank": 385, - "Complexity": 198, - "Count": 109, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1861, - "CodeBytes": 0, - "Lines": 80, - "Code": 71, - "Comment": 0, - "Blank": 9, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 61, - "CodeBytes": 0, - "Lines": 4, - "Code": 3, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 14375, - "CodeBytes": 0, - "Lines": 232, - "Code": 199, - "Comment": 0, - "Blank": 33, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 273600.47793045157, - "estimatedScheduleMonths_low": 8.704247378412493, - "estimatedPeople_low": 3.0622111560387366, - "estimatedCost_high": 852658.5855354193, - "estimatedScheduleMonths_high": 8.704247378412493, - "estimatedPeople_high": 3.0622111560387366, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nRuby 109 10018 385 3 9630 198\n(ULOC) 2373\n-------------------------------------------------------------------------------\nYAML 5 80 9 0 71 0\n(ULOC) 55\n-------------------------------------------------------------------------------\nGemfile 1 4 1 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nMarkdown 1 232 33 0 199 0\n(ULOC) 183\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 116 10334 428 3 9903 198\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2603\nDRYness % 0.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $300,020\nEstimated Schedule Effort (organic) 8.70 months\nEstimated People Required (organic) 3.06\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 374631 bytes, 0.375 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Ruby": 358395 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Ruby", + "Bytes": 358334, + "CodeBytes": 0, + "Lines": 10018, + "Code": 9630, + "Comment": 3, + "Blank": 385, + "Complexity": 198, + "Count": 109, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1861, + "CodeBytes": 0, + "Lines": 80, + "Code": 71, + "Comment": 0, + "Blank": 9, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 61, + "CodeBytes": 0, + "Lines": 4, + "Code": 3, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 14375, + "CodeBytes": 0, + "Lines": 232, + "Code": 199, + "Comment": 0, + "Blank": 33, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 273600.47793045157, + "estimatedScheduleMonths_low": 8.704247378412493, + "estimatedPeople_low": 3.0622111560387366, + "estimatedCost_high": 852658.5855354193, + "estimatedScheduleMonths_high": 8.704247378412493, + "estimatedPeople_high": 3.0622111560387366, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 109 10018 385 3 9630 198\n(ULOC) 2373\n-------------------------------------------------------------------------------\nYAML 5 80 9 0 71 0\n(ULOC) 55\n-------------------------------------------------------------------------------\nGemfile 1 4 1 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nMarkdown 1 232 33 0 199 0\n(ULOC) 183\n───────────────────────────────────────────────────────────────────────────────\nTotal 116 10334 428 3 9903 198\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2603\nDRYness % 0.25\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $300,020\nEstimated Schedule Effort (organic) 8.70 months\nEstimated People Required (organic) 3.06\n───────────────────────────────────────────────────────────────────────────────\nProcessed 374631 bytes, 0.375 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 358395 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/portal-test-user-manager/portal-test-user-manager_data.json b/app/site/_data/CMSgov/portal-test-user-manager/portal-test-user-manager_data.json index b959640c27..e979b54bd5 100644 --- a/app/site/_data/CMSgov/portal-test-user-manager/portal-test-user-manager_data.json +++ b/app/site/_data/CMSgov/portal-test-user-manager/portal-test-user-manager_data.json @@ -1,355 +1,355 @@ { - "url": "https://github.com/CMSgov/portal-test-user-manager", - "owner": "CMSgov", - "name": "portal-test-user-manager", - "description": null, - "commits_count": 24, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 24, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 23, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 9, - "total_project_lines": 3488, - "average_project_lines": 120, - "total_project_comment_lines": 120, - "average_project_comment_lines": 4, - "total_project_blank_lines": 439, - "average_blank_lines": 15, - "commits_by_month": { - "2022/3": 1, - "2022/2": 8, - "2022/1": 11, - "2021/12": 4 + "url": "https://github.com/CMSgov/portal-test-user-manager", + "owner": "CMSgov", + "name": "portal-test-user-manager", + "description": null, + "commits_count": 24, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 24, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 23, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 9, + "total_project_lines": 3488, + "average_project_lines": 120, + "total_project_comment_lines": 120, + "average_project_comment_lines": 4, + "total_project_blank_lines": 439, + "average_blank_lines": 15, + "commits_by_month": { + "2022/3": 1, + "2022/2": 8, + "2022/1": 11, + "2021/12": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2021-12-02T18:36:26Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:08Z", + "repo": { + "name": "github.com/CMSgov/portal-test-user-manager", + "commit": "0c04f4abd5737232fb2304647e43764e7d0c3ad2" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2021-12-02T18:36:26Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:08Z", - "repo": { - "name": "github.com/CMSgov/portal-test-user-manager", - "commit": "0c04f4abd5737232fb2304647e43764e7d0c3ad2" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 23 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 23/24 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 2, - "reason": "dependency not pinned by hash detected -- score normalized to 2", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 19462, - "CodeBytes": 0, - "Lines": 694, - "Code": 539, - "Comment": 33, - "Blank": 122, - "Complexity": 17, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 72545, - "CodeBytes": 0, - "Lines": 2581, - "Code": 2213, - "Comment": 83, - "Blank": 285, - "Complexity": 541, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 5089, - "CodeBytes": 0, - "Lines": 97, - "Code": 68, - "Comment": 0, - "Blank": 29, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HCL", - "Bytes": 2273, - "CodeBytes": 0, - "Lines": 43, - "Code": 37, - "Comment": 4, - "Blank": 2, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 333, - "CodeBytes": 0, - "Lines": 10, - "Code": 9, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 2150, - "CodeBytes": 0, - "Lines": 48, - "Code": 48, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Jenkins Buildfile", - "Bytes": 370, - "CodeBytes": 0, - "Lines": 15, - "Code": 15, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 76140.73659989939, - "estimatedScheduleMonths_low": 5.353543178950667, - "estimatedPeople_low": 1.3855597927253505, - "estimatedCost_high": 237287.79007249454, - "estimatedScheduleMonths_high": 5.353543178950667, - "estimatedPeople_high": 1.3855597927253505, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 12 694 122 33 539 17\n(ULOC) 381\n-------------------------------------------------------------------------------\nGo 8 2581 285 83 2213 541\n(ULOC) 1242\n-------------------------------------------------------------------------------\nMarkdown 4 97 29 0 68 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nHCL 2 43 2 4 37 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nDockerfile 1 10 1 0 9 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nJSON 1 48 0 0 48 0\n(ULOC) 45\n-------------------------------------------------------------------------------\nJenkins Buildfile 1 15 0 0 15 0\n(ULOC) 15\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 29 3488 439 120 2929 558\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1762\nDRYness % 0.51\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $83,493\nEstimated Schedule Effort (organic) 5.35 months\nEstimated People Required (organic) 1.39\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 102222 bytes, 0.102 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Go": 72545, - "HCL": 19462, - "Dockerfile": 333 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 23 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 23/24 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 2, + "reason": "dependency not pinned by hash detected -- score normalized to 2", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 19462, + "CodeBytes": 0, + "Lines": 694, + "Code": 539, + "Comment": 33, + "Blank": 122, + "Complexity": 17, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 72545, + "CodeBytes": 0, + "Lines": 2581, + "Code": 2213, + "Comment": 83, + "Blank": 285, + "Complexity": 541, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 5089, + "CodeBytes": 0, + "Lines": 97, + "Code": 68, + "Comment": 0, + "Blank": 29, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HCL", + "Bytes": 2273, + "CodeBytes": 0, + "Lines": 43, + "Code": 37, + "Comment": 4, + "Blank": 2, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 333, + "CodeBytes": 0, + "Lines": 10, + "Code": 9, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 2150, + "CodeBytes": 0, + "Lines": 48, + "Code": 48, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Jenkins Buildfile", + "Bytes": 370, + "CodeBytes": 0, + "Lines": 15, + "Code": 15, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 76140.73659989939, + "estimatedScheduleMonths_low": 5.353543178950667, + "estimatedPeople_low": 1.3855597927253505, + "estimatedCost_high": 237287.79007249454, + "estimatedScheduleMonths_high": 5.353543178950667, + "estimatedPeople_high": 1.3855597927253505, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 12 694 122 33 539 17\n(ULOC) 381\n-------------------------------------------------------------------------------\nGo 8 2581 285 83 2213 541\n(ULOC) 1242\n-------------------------------------------------------------------------------\nMarkdown 4 97 29 0 68 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nHCL 2 43 2 4 37 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nDockerfile 1 10 1 0 9 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nJSON 1 48 0 0 48 0\n(ULOC) 45\n-------------------------------------------------------------------------------\nJenkins Buildfile 1 15 0 0 15 0\n(ULOC) 15\n───────────────────────────────────────────────────────────────────────────────\nTotal 29 3488 439 120 2929 558\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1762\nDRYness % 0.51\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $83,493\nEstimated Schedule Effort (organic) 5.35 months\nEstimated People Required (organic) 1.39\n───────────────────────────────────────────────────────────────────────────────\nProcessed 102222 bytes, 0.102 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Go": 72545, + "HCL": 19462, + "Dockerfile": 333 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/price-transparency-guide-validator/price-transparency-guide-validator_data.json b/app/site/_data/CMSgov/price-transparency-guide-validator/price-transparency-guide-validator_data.json index 805a973d4a..e5eceda50f 100644 --- a/app/site/_data/CMSgov/price-transparency-guide-validator/price-transparency-guide-validator_data.json +++ b/app/site/_data/CMSgov/price-transparency-guide-validator/price-transparency-guide-validator_data.json @@ -1,552 +1,552 @@ { - "url": "https://github.com/CMSgov/price-transparency-guide-validator", - "owner": "CMSgov", - "name": "price-transparency-guide-validator", - "description": "Validation tool to check output files required by the price-transparency-guide", - "commits_count": 98, - "issues_count": 48, - "open_issues_count": 5, - "closed_issues_count": 43, - "pull_requests_count": 52, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 45, - "closed_pull_requests_count": 7, - "forks_count": 15, - "stargazers_count": 32, - "watchers_count": 17, - "total_project_lines": 3447, - "average_project_lines": 108, - "total_project_comment_lines": 69, - "average_project_comment_lines": 2, - "total_project_blank_lines": 267, - "average_blank_lines": 8, - "commits_by_month": { - "2024/12": 1, - "2024/10": 1, - "2024/9": 1, - "2024/1": 4, - "2023/12": 2, - "2023/11": 2, - "2023/10": 4, - "2023/9": 8, - "2023/8": 7 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-16T05:00:00.000Z", - 1 - ], - [ - "2024-10-21T05:00:00.000Z", - 1 - ], - [ - "2024-12-06T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [ - [ - "2025-02-02T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-11-05T06:00:00.000Z", - 1 - ], - [ - "2024-12-13T06:00:00.000Z", - 1 - ], - [ - "2025-01-02T06:00:00.000Z", - 2 - ], - [ - "2025-02-02T06:00:00.000Z", - 1 - ] - ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-11-17T20:54:57Z", - "ossf_scorecard": { - "date": "2025-02-23T16:36:09Z", - "repo": { - "name": "github.com/CMSgov/price-transparency-guide-validator", - "commit": "4f9c3ac25fb5bcb46701291bd73a0cef1355f80a" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 5.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 2, - "reason": "3 out of 11 merged PRs checked by a CI test -- score normalized to 2", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 4, - "reason": "Found 7/16 approved changesets -- score normalized to 4", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 1, - "reason": "1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 1, - "reason": "dependency not pinned by hash detected -- score normalized to 1", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 10963, - "CodeBytes": 0, - "Lines": 358, - "Code": 358, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 75409, - "CodeBytes": 0, - "Lines": 2064, - "Code": 1909, - "Comment": 25, - "Blank": 130, - "Complexity": 256, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 7826, - "CodeBytes": 0, - "Lines": 221, - "Code": 157, - "Comment": 0, - "Blank": 64, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 1515, - "CodeBytes": 0, - "Lines": 62, - "Code": 53, - "Comment": 4, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1127, - "CodeBytes": 0, - "Lines": 44, - "Code": 40, - "Comment": 1, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "C++", - "Bytes": 15746, - "CodeBytes": 0, - "Lines": 484, - "Code": 414, - "Comment": 39, - "Blank": 31, - "Complexity": 95, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 380, - "CodeBytes": 0, - "Lines": 13, - "Code": 11, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11357, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 81116.04086636702, - "estimatedScheduleMonths_low": 5.483872955381232, - "estimatedPeople_low": 1.441016217293837, - "estimatedCost_high": 252793.01115450222, - "estimatedScheduleMonths_high": 5.483872955381232, - "estimatedPeople_high": 1.441016217293837, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 11 358 0 0 358 0\n(ULOC) 194\n-------------------------------------------------------------------------------\nTypeScript 11 2064 130 25 1909 256\n(ULOC) 1118\n-------------------------------------------------------------------------------\nMarkdown 3 221 64 0 157 0\n(ULOC) 114\n-------------------------------------------------------------------------------\nJavaScript 2 62 5 4 53 0\n(ULOC) 56\n-------------------------------------------------------------------------------\nYAML 2 44 3 1 40 0\n(ULOC) 38\n-------------------------------------------------------------------------------\nC++ 1 484 31 39 414 95\n(ULOC) 318\n-------------------------------------------------------------------------------\nDockerfile 1 13 2 0 11 0\n(ULOC) 12\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 32 3447 267 69 3111 351\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1984\nDRYness % 0.58\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $88,948\nEstimated Schedule Effort (organic) 5.48 months\nEstimated People Required (organic) 1.44\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 124323 bytes, 0.124 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/price-transparency-guide-validator", + "owner": "CMSgov", + "name": "price-transparency-guide-validator", + "description": "Validation tool to check output files required by the price-transparency-guide", + "commits_count": 98, + "issues_count": 48, + "open_issues_count": 5, + "closed_issues_count": 43, + "pull_requests_count": 52, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 45, + "closed_pull_requests_count": 7, + "forks_count": 15, + "stargazers_count": 32, + "watchers_count": 17, + "total_project_lines": 3447, + "average_project_lines": 108, + "total_project_comment_lines": 69, + "average_project_comment_lines": 2, + "total_project_blank_lines": 267, + "average_blank_lines": 8, + "commits_by_month": { + "2024/12": 1, + "2024/10": 1, + "2024/9": 1, + "2024/1": 4, + "2023/12": 2, + "2023/11": 2, + "2023/10": 4, + "2023/9": 8, + "2023/8": 7 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-16T05:00:00.000Z", + 1 + ], + [ + "2024-10-21T05:00:00.000Z", + 1 + ], + [ + "2024-12-06T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [ + [ + "2025-02-02T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-11-05T06:00:00.000Z", + 1 + ], + [ + "2024-12-13T06:00:00.000Z", + 1 + ], + [ + "2025-01-02T06:00:00.000Z", + 2 + ], + [ + "2025-02-02T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-11-17T20:54:57Z", + "ossf_scorecard": { + "date": "2025-02-23T16:36:09Z", + "repo": { + "name": "github.com/CMSgov/price-transparency-guide-validator", + "commit": "4f9c3ac25fb5bcb46701291bd73a0cef1355f80a" }, - "predominant_langs": { - "TypeScript": 72821, - "C++": 15746, - "JavaScript": 4103, - "Dockerfile": 380 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "price-transparency-guide-validator", - "45 days 20:53:27.488372" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@streamparser/json", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@streamparser/json-node", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@types/fs-extra", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@types/jest", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@types/node", - -0.002739726, - "2025-03-01T19:07:11.000" - ], - [ - "@types/readline-sync", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@types/temp", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@types/yauzl", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "@typescript-eslint/eslint-plugin", - 0.3561643836, - "2025-03-01T19:07:11.000" - ], - [ - "@typescript-eslint/parser", - 0.3561643836, - "2025-03-01T19:07:11.000" - ], - [ - "axios", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "chalk", - 3.397260274, - "2025-03-01T19:07:11.000" - ], - [ - "commander", - 0.6767123288, - "2025-03-01T19:07:11.000" - ], - [ - "del-cli", - 1.101369863, - "2025-03-01T19:07:11.000" - ], - [ - "eslint", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "eslint-config-prettier", - 1.2383561644, - "2025-03-01T19:07:11.000" - ], - [ - "fs-extra", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "jest", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "jest-extended", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "nock", - 0.2438356164, - "2025-03-01T19:07:11.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "readline-sync", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "temp", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "ts-jest", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "typescript", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "winston", - 0.0, - "2025-03-01T19:07:11.000" - ], - [ - "yauzl", - 0.0, - "2025-03-01T19:07:11.000" - ] + "score": 5.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 2, + "reason": "3 out of 11 merged PRs checked by a CI test -- score normalized to 2", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 4, + "reason": "Found 7/16 approved changesets -- score normalized to 4", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 1, + "reason": "1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 1, + "reason": "dependency not pinned by hash detected -- score normalized to 1", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 10963, + "CodeBytes": 0, + "Lines": 358, + "Code": 358, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 75409, + "CodeBytes": 0, + "Lines": 2064, + "Code": 1909, + "Comment": 25, + "Blank": 130, + "Complexity": 256, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 7826, + "CodeBytes": 0, + "Lines": 221, + "Code": 157, + "Comment": 0, + "Blank": 64, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 1515, + "CodeBytes": 0, + "Lines": 62, + "Code": 53, + "Comment": 4, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1127, + "CodeBytes": 0, + "Lines": 44, + "Code": 40, + "Comment": 1, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "C++", + "Bytes": 15746, + "CodeBytes": 0, + "Lines": 484, + "Code": 414, + "Comment": 39, + "Blank": 31, + "Complexity": 95, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 380, + "CodeBytes": 0, + "Lines": 13, + "Code": 11, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11357, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 81116.04086636702, + "estimatedScheduleMonths_low": 5.483872955381232, + "estimatedPeople_low": 1.441016217293837, + "estimatedCost_high": 252793.01115450222, + "estimatedScheduleMonths_high": 5.483872955381232, + "estimatedPeople_high": 1.441016217293837, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 11 358 0 0 358 0\n(ULOC) 194\n-------------------------------------------------------------------------------\nTypeScript 11 2064 130 25 1909 256\n(ULOC) 1118\n-------------------------------------------------------------------------------\nMarkdown 3 221 64 0 157 0\n(ULOC) 114\n-------------------------------------------------------------------------------\nJavaScript 2 62 5 4 53 0\n(ULOC) 56\n-------------------------------------------------------------------------------\nYAML 2 44 3 1 40 0\n(ULOC) 38\n-------------------------------------------------------------------------------\nC++ 1 484 31 39 414 95\n(ULOC) 318\n-------------------------------------------------------------------------------\nDockerfile 1 13 2 0 11 0\n(ULOC) 12\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n───────────────────────────────────────────────────────────────────────────────\nTotal 32 3447 267 69 3111 351\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1984\nDRYness % 0.58\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $88,948\nEstimated Schedule Effort (organic) 5.48 months\nEstimated People Required (organic) 1.44\n───────────────────────────────────────────────────────────────────────────────\nProcessed 124323 bytes, 0.124 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 72821, + "C++": 15746, + "JavaScript": 4103, + "Dockerfile": 380 + }, + "average_issue_resolution_time": [ + [ + "price-transparency-guide-validator", + "45 days 20:53:27.488372" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@streamparser/json", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@streamparser/json-node", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@types/fs-extra", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@types/jest", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@types/node", + -0.002739726, + "2025-03-01T19:07:11.000" + ], + [ + "@types/readline-sync", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@types/temp", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@types/yauzl", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "@typescript-eslint/eslint-plugin", + 0.3561643836, + "2025-03-01T19:07:11.000" + ], + [ + "@typescript-eslint/parser", + 0.3561643836, + "2025-03-01T19:07:11.000" + ], + [ + "axios", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "chalk", + 3.397260274, + "2025-03-01T19:07:11.000" + ], + [ + "commander", + 0.6767123288, + "2025-03-01T19:07:11.000" + ], + [ + "del-cli", + 1.101369863, + "2025-03-01T19:07:11.000" + ], + [ + "eslint", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "eslint-config-prettier", + 1.2383561644, + "2025-03-01T19:07:11.000" + ], + [ + "fs-extra", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "jest", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "jest-extended", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "nock", + 0.2438356164, + "2025-03-01T19:07:11.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "readline-sync", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "temp", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "ts-jest", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "typescript", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "winston", + 0.0, + "2025-03-01T19:07:11.000" + ], + [ + "yauzl", + 0.0, + "2025-03-01T19:07:11.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/price-transparency-guide/price-transparency-guide_data.json b/app/site/_data/CMSgov/price-transparency-guide/price-transparency-guide_data.json index e0e0902f3a..d4068b99ca 100644 --- a/app/site/_data/CMSgov/price-transparency-guide/price-transparency-guide_data.json +++ b/app/site/_data/CMSgov/price-transparency-guide/price-transparency-guide_data.json @@ -1,370 +1,370 @@ { - "url": "https://github.com/CMSgov/price-transparency-guide", - "owner": "CMSgov", - "name": "price-transparency-guide", - "description": "The technical implementation guide for the tri-departmental price transparency rule.", - "commits_count": 268, - "issues_count": 85, - "open_issues_count": 17, - "closed_issues_count": 68, - "pull_requests_count": 118, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 103, - "closed_pull_requests_count": 13, - "forks_count": 116, - "stargazers_count": 381, - "watchers_count": 285, - "total_project_lines": 3415, - "average_project_lines": 92, - "total_project_comment_lines": 99, - "average_project_comment_lines": 3, - "total_project_blank_lines": 167, - "average_blank_lines": 5, - "commits_by_month": { - "2025/1": 1, - "2023/11": 7, - "2023/10": 7, - "2023/9": 15 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2025-01-03T06:00:00.000Z", - 1 - ] + "url": "https://github.com/CMSgov/price-transparency-guide", + "owner": "CMSgov", + "name": "price-transparency-guide", + "description": "The technical implementation guide for the tri-departmental price transparency rule.", + "commits_count": 268, + "issues_count": 85, + "open_issues_count": 17, + "closed_issues_count": 68, + "pull_requests_count": 118, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 103, + "closed_pull_requests_count": 13, + "forks_count": 116, + "stargazers_count": 381, + "watchers_count": 285, + "total_project_lines": 3415, + "average_project_lines": 92, + "total_project_comment_lines": 99, + "average_project_comment_lines": 3, + "total_project_blank_lines": 167, + "average_blank_lines": 5, + "commits_by_month": { + "2025/1": 1, + "2023/11": 7, + "2023/10": 7, + "2023/9": 15 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2025-01-03T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [ + [ + "2025-02-04T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-11-26T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [ - [ - "2025-02-04T06:00:00.000Z", - 1 - ] + [ + "2024-12-10T06:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-11-26T06:00:00.000Z", - 1 - ], - [ - "2024-12-10T06:00:00.000Z", - 1 - ], - [ - "2024-12-17T06:00:00.000Z", - 1 - ], - [ - "2025-02-04T06:00:00.000Z", - 1 - ] + [ + "2024-12-17T06:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2019-10-02T06:42:01Z", - "ossf_scorecard": { - "date": "2025-02-23T16:32:02Z", - "repo": { - "name": "github.com/CMSgov/price-transparency-guide", - "commit": "e20a3b7e19ad8e8cfa466578b4c126cbb17e48cd" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "1 out of 15 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/15 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 8, - "reason": "dependency not pinned by hash detected -- score normalized to 8", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 35428, - "CodeBytes": 0, - "Lines": 1379, - "Code": 1374, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 16, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 55106, - "CodeBytes": 0, - "Lines": 642, - "Code": 512, - "Comment": 0, - "Blank": 130, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 38190, - "CodeBytes": 0, - "Lines": 1153, - "Code": 1151, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 8339, - "CodeBytes": 0, - "Lines": 200, - "Code": 86, - "Comment": 90, - "Blank": 24, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 86, - "CodeBytes": 0, - "Lines": 6, - "Code": 5, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1121, - "CodeBytes": 0, - "Lines": 35, - "Code": 21, - "Comment": 9, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 82156.70771405681, - "estimatedScheduleMonths_low": 5.510502098534433, - "estimatedPeople_low": 1.452450576421086, - "estimatedCost_high": 256036.18356807646, - "estimatedScheduleMonths_high": 5.510502098534433, - "estimatedPeople_high": 1.452450576421086, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 16 1379 5 0 1374 0\n(ULOC) 559\n-------------------------------------------------------------------------------\nMarkdown 7 642 130 0 512 0\n(ULOC) 342\n-------------------------------------------------------------------------------\nXML 7 1153 2 0 1151 0\n(ULOC) 514\n-------------------------------------------------------------------------------\nRuby 5 200 24 90 86 0\n(ULOC) 123\n-------------------------------------------------------------------------------\nGemfile 1 6 1 0 5 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 1 35 5 9 21 0\n(ULOC) 31\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 37 3415 167 99 3149 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1559\nDRYness % 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $90,090\nEstimated Schedule Effort (organic) 5.51 months\nEstimated People Required (organic) 1.45\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 138270 bytes, 0.138 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2025-02-04T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2019-10-02T06:42:01Z", + "ossf_scorecard": { + "date": "2025-02-23T16:32:02Z", + "repo": { + "name": "github.com/CMSgov/price-transparency-guide", + "commit": "e20a3b7e19ad8e8cfa466578b4c126cbb17e48cd" }, - "predominant_langs": { - "Ruby": 8425 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "price-transparency-guide", - "92 days 15:09:46.955882" - ] + "score": 3.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "1 out of 15 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/15 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 8, + "reason": "dependency not pinned by hash detected -- score normalized to 8", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 35428, + "CodeBytes": 0, + "Lines": 1379, + "Code": 1374, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 16, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 55106, + "CodeBytes": 0, + "Lines": 642, + "Code": 512, + "Comment": 0, + "Blank": 130, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 38190, + "CodeBytes": 0, + "Lines": 1153, + "Code": 1151, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 8339, + "CodeBytes": 0, + "Lines": 200, + "Code": 86, + "Comment": 90, + "Blank": 24, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 86, + "CodeBytes": 0, + "Lines": 6, + "Code": 5, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1121, + "CodeBytes": 0, + "Lines": 35, + "Code": 21, + "Comment": 9, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 82156.70771405681, + "estimatedScheduleMonths_low": 5.510502098534433, + "estimatedPeople_low": 1.452450576421086, + "estimatedCost_high": 256036.18356807646, + "estimatedScheduleMonths_high": 5.510502098534433, + "estimatedPeople_high": 1.452450576421086, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 16 1379 5 0 1374 0\n(ULOC) 559\n-------------------------------------------------------------------------------\nMarkdown 7 642 130 0 512 0\n(ULOC) 342\n-------------------------------------------------------------------------------\nXML 7 1153 2 0 1151 0\n(ULOC) 514\n-------------------------------------------------------------------------------\nRuby 5 200 24 90 86 0\n(ULOC) 123\n-------------------------------------------------------------------------------\nGemfile 1 6 1 0 5 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 1 35 5 9 21 0\n(ULOC) 31\n───────────────────────────────────────────────────────────────────────────────\nTotal 37 3415 167 99 3149 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1559\nDRYness % 0.46\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $90,090\nEstimated Schedule Effort (organic) 5.51 months\nEstimated People Required (organic) 1.45\n───────────────────────────────────────────────────────────────────────────────\nProcessed 138270 bytes, 0.138 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 8425 + }, + "average_issue_resolution_time": [ + [ + "price-transparency-guide", + "92 days 15:09:46.955882" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/qpp-conversion-tool/qpp-conversion-tool_data.json b/app/site/_data/CMSgov/qpp-conversion-tool/qpp-conversion-tool_data.json index 3b7d8188dd..4e25297bbd 100644 --- a/app/site/_data/CMSgov/qpp-conversion-tool/qpp-conversion-tool_data.json +++ b/app/site/_data/CMSgov/qpp-conversion-tool/qpp-conversion-tool_data.json @@ -1,528 +1,528 @@ { - "url": "https://github.com/CMSgov/qpp-conversion-tool", - "owner": "CMSgov", - "name": "qpp-conversion-tool", - "description": "Conversion tool for QPP, particularly focused on QRDA3 -> QPP, built by Flexion. ", - "commits_count": 7853, - "issues_count": 47, - "open_issues_count": 0, - "closed_issues_count": 47, - "pull_requests_count": 1408, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 1237, - "closed_pull_requests_count": 170, - "forks_count": 63, - "stargazers_count": 36, - "watchers_count": 29, - "total_project_lines": 6069224, - "average_project_lines": 4314, - "total_project_comment_lines": 317162, - "average_project_comment_lines": 225, - "total_project_blank_lines": 42618, - "average_blank_lines": 30, - "commits_by_month": { - "2025/2": 15, - "2025/1": 15 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-09-24T05:00:00.000Z", - 1 - ], - [ - "2024-09-30T05:00:00.000Z", - 2 - ], - [ - "2024-10-03T05:00:00.000Z", - 2 - ], - [ - "2024-10-16T05:00:00.000Z", - 2 - ], - [ - "2024-10-29T05:00:00.000Z", - 1 - ], - [ - "2024-11-07T06:00:00.000Z", - 1 - ], - [ - "2024-12-30T06:00:00.000Z", - 2 - ] + "url": "https://github.com/CMSgov/qpp-conversion-tool", + "owner": "CMSgov", + "name": "qpp-conversion-tool", + "description": "Conversion tool for QPP, particularly focused on QRDA3 -> QPP, built by Flexion. ", + "commits_count": 7853, + "issues_count": 47, + "open_issues_count": 0, + "closed_issues_count": 47, + "pull_requests_count": 1408, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 1237, + "closed_pull_requests_count": 170, + "forks_count": 63, + "stargazers_count": 36, + "watchers_count": 29, + "total_project_lines": 6069224, + "average_project_lines": 4314, + "total_project_comment_lines": 317162, + "average_project_comment_lines": 225, + "total_project_blank_lines": 42618, + "average_blank_lines": 30, + "commits_by_month": { + "2025/2": 15, + "2025/1": 15 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-23T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-11-15T06:00:00.000Z", - 1 - ], - [ - "2024-11-18T06:00:00.000Z", - 1 - ] + [ + "2024-09-24T05:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2017-03-24T20:26:32Z", - "ossf_scorecard": { - "date": "2025-02-23T16:35:43Z", - "repo": { - "name": "github.com/CMSgov/qpp-conversion-tool", - "commit": "c85339dae0a76198d030bbdb46f012dee9a4f466" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.4, - "checks": [ - { - "details": null, - "score": 9, - "reason": "binaries present in source code", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 16 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 2, - "reason": "dependency not pinned by hash detected -- score normalized to 2", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "XML", - "Bytes": 857521201, - "CodeBytes": 0, - "Lines": 12508918, - "Code": 11784607, - "Comment": 689418, - "Blank": 34893, - "Complexity": 0, - "Count": 978, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Java", - "Bytes": 1381259, - "CodeBytes": 0, - "Lines": 41212, - "Code": 27660, - "Comment": 6702, - "Blank": 6850, - "Complexity": 1107, - "Count": 432, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 8174546, - "CodeBytes": 0, - "Lines": 266990, - "Code": 266987, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 24, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 45221, - "CodeBytes": 0, - "Lines": 1115, - "Code": 600, - "Comment": 352, - "Blank": 163, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 38343, - "CodeBytes": 0, - "Lines": 662, - "Code": 495, - "Comment": 0, - "Blank": 167, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 5731, - "CodeBytes": 0, - "Lines": 167, - "Code": 106, - "Comment": 26, - "Blank": 35, - "Complexity": 9, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 1165, - "CodeBytes": 0, - "Lines": 32, - "Code": 23, - "Comment": 6, - "Blank": 3, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gherkin Specification", - "Bytes": 35972, - "CodeBytes": 0, - "Lines": 158, - "Code": 138, - "Comment": 2, - "Blank": 18, - "Complexity": 5, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 846, - "CodeBytes": 0, - "Lines": 28, - "Code": 25, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 4776, - "CodeBytes": 0, - "Lines": 139, - "Code": 110, - "Comment": 11, - "Blank": 18, - "Complexity": 10, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 404, - "CodeBytes": 0, - "Lines": 20, - "Code": 15, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 150, - "CodeBytes": 0, - "Lines": 13, - "Code": 13, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 1270, - "CodeBytes": 0, - "Lines": 38, - "Code": 27, - "Comment": 0, - "Blank": 11, - "Complexity": 5, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 3577, - "CodeBytes": 0, - "Lines": 104, - "Code": 104, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 476178725.9512107, - "estimatedScheduleMonths_low": 148.31306753270695, - "estimatedPeople_low": 312.7807950977655, - "estimatedCost_high": 1483980883.3770604, - "estimatedScheduleMonths_high": 148.31306753270695, - "estimatedPeople_high": 312.7807950977655, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nXML 978 12508918 34893 689418 11784607 0\n(ULOC) 22986\n-------------------------------------------------------------------------------\nJava 432 41212 6850 6702 27660 1107\n(ULOC) 16335\n-------------------------------------------------------------------------------\nJSON 24 266990 3 0 266987 0\n(ULOC) 31120\n-------------------------------------------------------------------------------\nYAML 13 1115 163 352 600 0\n(ULOC) 735\n-------------------------------------------------------------------------------\nMarkdown 10 662 167 0 495 0\n(ULOC) 459\n-------------------------------------------------------------------------------\nShell 7 167 35 26 106 9\n(ULOC) 122\n-------------------------------------------------------------------------------\nProperties File 4 32 3 6 23 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nGherkin Specificati\u2026 3 158 18 2 138 5\n(ULOC) 112\n-------------------------------------------------------------------------------\nPlain Text 2 28 3 0 25 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nPython 2 139 18 11 110 10\n(ULOC) 115\n-------------------------------------------------------------------------------\nBatch 1 20 5 0 15 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDocker ignore 1 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDockerfile 1 38 11 0 27 5\n(ULOC) 28\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTOML 1 104 0 0 104 0\n(ULOC) 77\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1480 12819712 42189 696517 12081006 1136\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 72218\nDRYness % 0.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $522,159,977\nEstimated Schedule Effort (organic) 148.31 months\nEstimated People Required (organic) 312.78\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 867221016 bytes, 867.221 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-30T05:00:00.000Z", + 2 + ], + [ + "2024-10-03T05:00:00.000Z", + 2 + ], + [ + "2024-10-16T05:00:00.000Z", + 2 + ], + [ + "2024-10-29T05:00:00.000Z", + 1 + ], + [ + "2024-11-07T06:00:00.000Z", + 1 + ], + [ + "2024-12-30T06:00:00.000Z", + 2 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-09-23T05:00:00.000Z", + 1 + ], + [ + "2024-11-15T06:00:00.000Z", + 1 + ], + [ + "2024-11-18T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2017-03-24T20:26:32Z", + "ossf_scorecard": { + "date": "2025-02-23T16:35:43Z", + "repo": { + "name": "github.com/CMSgov/qpp-conversion-tool", + "commit": "c85339dae0a76198d030bbdb46f012dee9a4f466" }, - "predominant_langs": { - "Java": 1381259, - "Gherkin": 35972, - "Shell": 5731, - "Python": 4776, - "Dockerfile": 1270, - "Batchfile": 404, - "Procfile": 60 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "qpp-conversion-tool", - "30 days 30:01:19.319149" - ] + "score": 6.4, + "checks": [ + { + "details": null, + "score": 9, + "reason": "binaries present in source code", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 16 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 2, + "reason": "dependency not pinned by hash detected -- score normalized to 2", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "XML", + "Bytes": 857521201, + "CodeBytes": 0, + "Lines": 12508918, + "Code": 11784607, + "Comment": 689418, + "Blank": 34893, + "Complexity": 0, + "Count": 978, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Java", + "Bytes": 1381259, + "CodeBytes": 0, + "Lines": 41212, + "Code": 27660, + "Comment": 6702, + "Blank": 6850, + "Complexity": 1107, + "Count": 432, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 8174546, + "CodeBytes": 0, + "Lines": 266990, + "Code": 266987, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 24, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 45221, + "CodeBytes": 0, + "Lines": 1115, + "Code": 600, + "Comment": 352, + "Blank": 163, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 38343, + "CodeBytes": 0, + "Lines": 662, + "Code": 495, + "Comment": 0, + "Blank": 167, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 5731, + "CodeBytes": 0, + "Lines": 167, + "Code": 106, + "Comment": 26, + "Blank": 35, + "Complexity": 9, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 1165, + "CodeBytes": 0, + "Lines": 32, + "Code": 23, + "Comment": 6, + "Blank": 3, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gherkin Specification", + "Bytes": 35972, + "CodeBytes": 0, + "Lines": 158, + "Code": 138, + "Comment": 2, + "Blank": 18, + "Complexity": 5, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 846, + "CodeBytes": 0, + "Lines": 28, + "Code": 25, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 4776, + "CodeBytes": 0, + "Lines": 139, + "Code": 110, + "Comment": 11, + "Blank": 18, + "Complexity": 10, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 404, + "CodeBytes": 0, + "Lines": 20, + "Code": 15, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 150, + "CodeBytes": 0, + "Lines": 13, + "Code": 13, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 1270, + "CodeBytes": 0, + "Lines": 38, + "Code": 27, + "Comment": 0, + "Blank": 11, + "Complexity": 5, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 3577, + "CodeBytes": 0, + "Lines": 104, + "Code": 104, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 476178725.9512107, + "estimatedScheduleMonths_low": 148.31306753270695, + "estimatedPeople_low": 312.7807950977655, + "estimatedCost_high": 1483980883.3770604, + "estimatedScheduleMonths_high": 148.31306753270695, + "estimatedPeople_high": 312.7807950977655, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nXML 978 12508918 34893 689418 11784607 0\n(ULOC) 22986\n-------------------------------------------------------------------------------\nJava 432 41212 6850 6702 27660 1107\n(ULOC) 16335\n-------------------------------------------------------------------------------\nJSON 24 266990 3 0 266987 0\n(ULOC) 31120\n-------------------------------------------------------------------------------\nYAML 13 1115 163 352 600 0\n(ULOC) 735\n-------------------------------------------------------------------------------\nMarkdown 10 662 167 0 495 0\n(ULOC) 459\n-------------------------------------------------------------------------------\nShell 7 167 35 26 106 9\n(ULOC) 122\n-------------------------------------------------------------------------------\nProperties File 4 32 3 6 23 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nGherkin Specificati… 3 158 18 2 138 5\n(ULOC) 112\n-------------------------------------------------------------------------------\nPlain Text 2 28 3 0 25 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nPython 2 139 18 11 110 10\n(ULOC) 115\n-------------------------------------------------------------------------------\nBatch 1 20 5 0 15 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDocker ignore 1 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nDockerfile 1 38 11 0 27 5\n(ULOC) 28\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTOML 1 104 0 0 104 0\n(ULOC) 77\n───────────────────────────────────────────────────────────────────────────────\nTotal 1480 12819712 42189 696517 12081006 1136\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 72218\nDRYness % 0.01\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $522,159,977\nEstimated Schedule Effort (organic) 148.31 months\nEstimated People Required (organic) 312.78\n───────────────────────────────────────────────────────────────────────────────\nProcessed 867221016 bytes, 867.221 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Java": 1381259, + "Gherkin": 35972, + "Shell": 5731, + "Python": 4776, + "Dockerfile": 1270, + "Batchfile": 404, + "Procfile": 60 + }, + "average_issue_resolution_time": [ + [ + "qpp-conversion-tool", + "30 days 30:01:19.319149" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/qpp-eu-data/qpp-eu-data_data.json b/app/site/_data/CMSgov/qpp-eu-data/qpp-eu-data_data.json index df011bb680..056c80661c 100644 --- a/app/site/_data/CMSgov/qpp-eu-data/qpp-eu-data_data.json +++ b/app/site/_data/CMSgov/qpp-eu-data/qpp-eu-data_data.json @@ -1,602 +1,602 @@ { - "url": "https://github.com/CMSgov/qpp-eu-data", - "owner": "CMSgov", - "name": "qpp-eu-data", - "description": "This repository publishes the county-zipcode crosswalk data used for determining the providers eligible Extreme And Uncontrollable Circumstances Hardship. ", - "commits_count": 96, - "issues_count": 17, - "open_issues_count": 3, - "closed_issues_count": 14, - "pull_requests_count": 36, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 24, - "closed_pull_requests_count": 11, - "forks_count": 0, - "stargazers_count": 4, - "watchers_count": 26, - "total_project_lines": 21513, - "average_project_lines": 538, - "total_project_comment_lines": 27, - "average_project_comment_lines": 1, - "total_project_blank_lines": 250, - "average_blank_lines": 6, - "commits_by_month": { - "2025/2": 4, - "2025/1": 1, - "2024/12": 2, - "2023/12": 3, - "2023/11": 11, - "2023/5": 6, - "2023/4": 3 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-12-12T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [ - [ - "2025-02-04T06:00:00.000Z", - 2 - ] - ], - "new_issues_by_day_over_last_six_months": [ - [ - "2025-02-04T06:00:00.000Z", - 2 - ] - ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-08-30T12:17:03Z", - "ossf_scorecard": { - "date": "2025-02-23T16:40:19Z", - "repo": { - "name": "github.com/CMSgov/qpp-eu-data", - "commit": "69f1a790d3484e891620a254946dd69515f10f0e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 3, - "reason": "4 out of 11 merged PRs checked by a CI test -- score normalized to 3", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 5, - "reason": "7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 3, - "reason": "dependency not pinned by hash detected -- score normalized to 3", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 2, - "reason": "SAST tool is not run on all commits -- score normalized to 2", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 4, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 8, - "reason": "2 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 18792, - "CodeBytes": 0, - "Lines": 394, - "Code": 288, - "Comment": 0, - "Blank": 106, - "Complexity": 0, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 19403, - "CodeBytes": 0, - "Lines": 502, - "Code": 390, - "Comment": 22, - "Blank": 90, - "Complexity": 62, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 187056, - "CodeBytes": 0, - "Lines": 10924, - "Code": 10924, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 6229, - "CodeBytes": 0, - "Lines": 238, - "Code": 226, - "Comment": 5, - "Blank": 7, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 1943289, - "CodeBytes": 0, - "Lines": 9668, - "Code": 9668, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 633, - "CodeBytes": 0, - "Lines": 29, - "Code": 29, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 5339, - "CodeBytes": 0, - "Lines": 172, - "Code": 143, - "Comment": 0, - "Blank": 29, - "Complexity": 1, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 625442.4967381905, - "estimatedScheduleMonths_low": 11.917304294717724, - "estimatedPeople_low": 5.112800724817896, - "estimatedCost_high": 1949151.9848078892, - "estimatedScheduleMonths_high": 11.917304294717724, - "estimatedPeople_high": 5.112800724817896, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 12 394 106 0 288 0\n(ULOC) 261\n-------------------------------------------------------------------------------\nPython 11 502 90 22 390 62\n(ULOC) 318\n-------------------------------------------------------------------------------\nCSV 6 10924 0 0 10924 0\n(ULOC) 7215\n-------------------------------------------------------------------------------\nYAML 5 238 7 5 226 0\n(ULOC) 140\n-------------------------------------------------------------------------------\nPlain Text 3 9668 0 0 9668 0\n(ULOC) 7966\n-------------------------------------------------------------------------------\nJSON 1 29 0 0 29 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTOML 1 172 29 0 143 1\n(ULOC) 109\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 40 22043 252 27 21764 63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 16127\nDRYness % 0.73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $685,837\nEstimated Schedule Effort (organic) 11.92 months\nEstimated People Required (organic) 5.11\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2187296 bytes, 2.187 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/qpp-eu-data", + "owner": "CMSgov", + "name": "qpp-eu-data", + "description": "This repository publishes the county-zipcode crosswalk data used for determining the providers eligible Extreme And Uncontrollable Circumstances Hardship. ", + "commits_count": 96, + "issues_count": 17, + "open_issues_count": 3, + "closed_issues_count": 14, + "pull_requests_count": 36, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 24, + "closed_pull_requests_count": 11, + "forks_count": 0, + "stargazers_count": 4, + "watchers_count": 26, + "total_project_lines": 21513, + "average_project_lines": 538, + "total_project_comment_lines": 27, + "average_project_comment_lines": 1, + "total_project_blank_lines": 250, + "average_blank_lines": 6, + "commits_by_month": { + "2025/2": 4, + "2025/1": 1, + "2024/12": 2, + "2023/12": 3, + "2023/11": 11, + "2023/5": 6, + "2023/4": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-12-12T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [ + [ + "2025-02-04T06:00:00.000Z", + 2 + ] + ], + "new_issues_by_day_over_last_six_months": [ + [ + "2025-02-04T06:00:00.000Z", + 2 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-08-30T12:17:03Z", + "ossf_scorecard": { + "date": "2025-02-23T16:40:19Z", + "repo": { + "name": "github.com/CMSgov/qpp-eu-data", + "commit": "69f1a790d3484e891620a254946dd69515f10f0e" }, - "predominant_langs": { - "Python": 19403 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "qpp-eu-data", - "9 days 13:10:41.714286" - ] - ], - "repo_dependency_libyear_list": [ - [ - "PyGithub", - 2.0054794521, - "2025-01-01T18:38:35.000" - ], - [ - "PyYAML", - 2.8164383562, - "2025-01-01T18:38:35.000" - ], - [ - "attrs", - 0.4684931507, - "2025-03-01T19:07:06.000" - ], - [ - "certifi", - 0.4219178082, - "2025-03-01T19:07:06.000" - ], - [ - "cffi", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "charset-normalizer", - 0.2082191781, - "2025-03-01T19:07:06.000" - ], - [ - "coverage", - 2.0219178082, - "2025-01-01T18:38:35.000" - ], - [ - "coverage", - 2.1506849315, - "2025-03-01T19:07:06.000" - ], - [ - "cryptography", - 0.2575342466, - "2025-03-01T19:07:06.000" - ], - [ - "deprecated", - 0.197260274, - "2025-03-01T19:07:06.000" - ], - [ - "et-xmlfile", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "idna", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "iniconfig", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "numpy", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "openpyxl", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "openpyxl", - 2.1095890411, - "2025-01-01T18:38:35.000" - ], - [ - "packaging", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pandas", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pandas", - 1.8273972603, - "2025-01-01T18:38:35.000" - ], - [ - "pluggy", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pycparser", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pydash", - 1.9287671233, - "2025-01-01T18:38:35.000" - ], - [ - "pydash", - 2.1315068493, - "2025-03-01T19:07:06.000" - ], - [ - "pygithub", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pyjwt", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pynacl", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pytest", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pytest", - 2.104109589, - "2025-01-01T18:38:35.000" - ], - [ - "pytest-cov", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "pytest-cov", - 2.0876712329, - "2025-01-01T18:38:35.000" - ], - [ - "python-dateutil", - 2.6328767123, - "2025-03-01T19:07:06.000" - ], - [ - "pytz", - 0.3863013699, - "2025-03-01T19:07:06.000" - ], - [ - "pyyaml", - 2.8164383562, - "2025-03-01T19:07:06.000" - ], - [ - "requests", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "requests", - 1.0219178082, - "2025-01-01T18:38:35.000" - ], - [ - "six", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "slack-sdk", - 2.0438356164, - "2025-03-01T19:07:06.000" - ], - [ - "typing-extensions", - 0.0, - "2025-03-01T19:07:06.000" - ], - [ - "tzdata", - 0.3287671233, - "2025-03-01T19:07:06.000" - ], - [ - "unidecode", - 1.2821917808, - "2025-03-01T19:07:06.000" - ], - [ - "urllib3", - 0.2739726027, - "2025-03-01T19:07:06.000" - ], - [ - "wrapt", - 0.1452054795, - "2025-03-01T19:07:06.000" - ] + "score": 6.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 3, + "reason": "4 out of 11 merged PRs checked by a CI test -- score normalized to 3", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 5, + "reason": "7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 3, + "reason": "dependency not pinned by hash detected -- score normalized to 3", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 2, + "reason": "SAST tool is not run on all commits -- score normalized to 2", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 4, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 8, + "reason": "2 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 18792, + "CodeBytes": 0, + "Lines": 394, + "Code": 288, + "Comment": 0, + "Blank": 106, + "Complexity": 0, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 19403, + "CodeBytes": 0, + "Lines": 502, + "Code": 390, + "Comment": 22, + "Blank": 90, + "Complexity": 62, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 187056, + "CodeBytes": 0, + "Lines": 10924, + "Code": 10924, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 6229, + "CodeBytes": 0, + "Lines": 238, + "Code": 226, + "Comment": 5, + "Blank": 7, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 1943289, + "CodeBytes": 0, + "Lines": 9668, + "Code": 9668, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 633, + "CodeBytes": 0, + "Lines": 29, + "Code": 29, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 5339, + "CodeBytes": 0, + "Lines": 172, + "Code": 143, + "Comment": 0, + "Blank": 29, + "Complexity": 1, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 625442.4967381905, + "estimatedScheduleMonths_low": 11.917304294717724, + "estimatedPeople_low": 5.112800724817896, + "estimatedCost_high": 1949151.9848078892, + "estimatedScheduleMonths_high": 11.917304294717724, + "estimatedPeople_high": 5.112800724817896, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 12 394 106 0 288 0\n(ULOC) 261\n-------------------------------------------------------------------------------\nPython 11 502 90 22 390 62\n(ULOC) 318\n-------------------------------------------------------------------------------\nCSV 6 10924 0 0 10924 0\n(ULOC) 7215\n-------------------------------------------------------------------------------\nYAML 5 238 7 5 226 0\n(ULOC) 140\n-------------------------------------------------------------------------------\nPlain Text 3 9668 0 0 9668 0\n(ULOC) 7966\n-------------------------------------------------------------------------------\nJSON 1 29 0 0 29 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTOML 1 172 29 0 143 1\n(ULOC) 109\n───────────────────────────────────────────────────────────────────────────────\nTotal 40 22043 252 27 21764 63\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 16127\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $685,837\nEstimated Schedule Effort (organic) 11.92 months\nEstimated People Required (organic) 5.11\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2187296 bytes, 2.187 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Python": 19403 + }, + "average_issue_resolution_time": [ + [ + "qpp-eu-data", + "9 days 13:10:41.714286" + ] + ], + "repo_dependency_libyear_list": [ + [ + "PyGithub", + 2.0054794521, + "2025-01-01T18:38:35.000" + ], + [ + "PyYAML", + 2.8164383562, + "2025-01-01T18:38:35.000" + ], + [ + "attrs", + 0.4684931507, + "2025-03-01T19:07:06.000" + ], + [ + "certifi", + 0.4219178082, + "2025-03-01T19:07:06.000" + ], + [ + "cffi", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "charset-normalizer", + 0.2082191781, + "2025-03-01T19:07:06.000" + ], + [ + "coverage", + 2.0219178082, + "2025-01-01T18:38:35.000" + ], + [ + "coverage", + 2.1506849315, + "2025-03-01T19:07:06.000" + ], + [ + "cryptography", + 0.2575342466, + "2025-03-01T19:07:06.000" + ], + [ + "deprecated", + 0.197260274, + "2025-03-01T19:07:06.000" + ], + [ + "et-xmlfile", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "idna", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "iniconfig", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "numpy", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "openpyxl", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "openpyxl", + 2.1095890411, + "2025-01-01T18:38:35.000" + ], + [ + "packaging", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pandas", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pandas", + 1.8273972603, + "2025-01-01T18:38:35.000" + ], + [ + "pluggy", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pycparser", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pydash", + 1.9287671233, + "2025-01-01T18:38:35.000" + ], + [ + "pydash", + 2.1315068493, + "2025-03-01T19:07:06.000" + ], + [ + "pygithub", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pyjwt", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pynacl", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pytest", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pytest", + 2.104109589, + "2025-01-01T18:38:35.000" + ], + [ + "pytest-cov", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "pytest-cov", + 2.0876712329, + "2025-01-01T18:38:35.000" + ], + [ + "python-dateutil", + 2.6328767123, + "2025-03-01T19:07:06.000" + ], + [ + "pytz", + 0.3863013699, + "2025-03-01T19:07:06.000" + ], + [ + "pyyaml", + 2.8164383562, + "2025-03-01T19:07:06.000" + ], + [ + "requests", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "requests", + 1.0219178082, + "2025-01-01T18:38:35.000" + ], + [ + "six", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "slack-sdk", + 2.0438356164, + "2025-03-01T19:07:06.000" + ], + [ + "typing-extensions", + 0.0, + "2025-03-01T19:07:06.000" + ], + [ + "tzdata", + 0.3287671233, + "2025-03-01T19:07:06.000" + ], + [ + "unidecode", + 1.2821917808, + "2025-03-01T19:07:06.000" + ], + [ + "urllib3", + 0.2739726027, + "2025-03-01T19:07:06.000" + ], + [ + "wrapt", + 0.1452054795, + "2025-03-01T19:07:06.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/qpp-file-upload-api-client/qpp-file-upload-api-client_data.json b/app/site/_data/CMSgov/qpp-file-upload-api-client/qpp-file-upload-api-client_data.json index 16a37456d8..98b1f1b9c6 100644 --- a/app/site/_data/CMSgov/qpp-file-upload-api-client/qpp-file-upload-api-client_data.json +++ b/app/site/_data/CMSgov/qpp-file-upload-api-client/qpp-file-upload-api-client_data.json @@ -1,463 +1,463 @@ { - "url": "https://github.com/CMSgov/qpp-file-upload-api-client", - "owner": "CMSgov", - "name": "qpp-file-upload-api-client", - "description": "A set of functions to call the QPP Submissions API in common manner, such as for the file upload use case. ", - "commits_count": 425, - "issues_count": 14, - "open_issues_count": 4, - "closed_issues_count": 10, - "pull_requests_count": 199, - "open_pull_requests_count": 8, - "merged_pull_requests_count": 138, - "closed_pull_requests_count": 53, - "forks_count": 3, - "stargazers_count": 3, - "watchers_count": 36, - "total_project_lines": 2381, - "average_project_lines": 95, - "total_project_comment_lines": 167, - "average_project_comment_lines": 7, - "total_project_blank_lines": 287, - "average_blank_lines": 11, - "commits_by_month": { - "2024/10": 1, - "2024/1": 2, - "2023/11": 1, - "2023/1": 8, - "2022/12": 3, - "2022/11": 5, - "2022/10": 7, - "2022/9": 3 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-10-01T05:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2017-09-18T19:06:47Z", - "ossf_scorecard": { - "date": "2025-02-23T16:39:32Z", - "repo": { - "name": "github.com/CMSgov/qpp-file-upload-api-client", - "commit": "3422dcd806b0768c8d6b3b22bca109c0d72060f0" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 1, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "3 out of 21 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 6 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 6, - "reason": "dependency not pinned by hash detected -- score normalized to 6", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "12 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 51510, - "CodeBytes": 0, - "Lines": 1463, - "Code": 1144, - "Comment": 166, - "Blank": 153, - "Complexity": 87, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 3858, - "CodeBytes": 0, - "Lines": 170, - "Code": 137, - "Comment": 1, - "Blank": 32, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 6189, - "CodeBytes": 0, - "Lines": 236, - "Code": 235, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 13346, - "CodeBytes": 0, - "Lines": 291, - "Code": 210, - "Comment": 0, - "Blank": 81, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 3576, - "CodeBytes": 0, - "Lines": 104, - "Code": 104, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript Typings", - "Bytes": 139, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 49055.480507903456, - "estimatedScheduleMonths_low": 4.529894470155126, - "estimatedPeople_low": 1.0549914923851864, - "estimatedCost_high": 152878.30247599838, - "estimatedScheduleMonths_high": 4.529894470155126, - "estimatedPeople_high": 1.0549914923851864, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 8 1463 153 166 1144 87\n(ULOC) 686\n-------------------------------------------------------------------------------\nYAML 6 170 32 1 137 0\n(ULOC) 93\n-------------------------------------------------------------------------------\nJSON 4 236 1 0 235 0\n(ULOC) 159\n-------------------------------------------------------------------------------\nMarkdown 4 291 81 0 210 0\n(ULOC) 186\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTOML 1 104 0 0 104 0\n(ULOC) 77\n-------------------------------------------------------------------------------\nTypeScript Typings 1 1 0 0 1 0\n(ULOC) 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 25 2381 287 167 1927 87\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1276\nDRYness % 0.54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $53,792\nEstimated Schedule Effort (organic) 4.53 months\nEstimated People Required (organic) 1.05\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 85173 bytes, 0.085 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/qpp-file-upload-api-client", + "owner": "CMSgov", + "name": "qpp-file-upload-api-client", + "description": "A set of functions to call the QPP Submissions API in common manner, such as for the file upload use case. ", + "commits_count": 425, + "issues_count": 14, + "open_issues_count": 4, + "closed_issues_count": 10, + "pull_requests_count": 199, + "open_pull_requests_count": 8, + "merged_pull_requests_count": 138, + "closed_pull_requests_count": 53, + "forks_count": 3, + "stargazers_count": 3, + "watchers_count": 36, + "total_project_lines": 2381, + "average_project_lines": 95, + "total_project_comment_lines": 167, + "average_project_comment_lines": 7, + "total_project_blank_lines": 287, + "average_blank_lines": 11, + "commits_by_month": { + "2024/10": 1, + "2024/1": 2, + "2023/11": 1, + "2023/1": 8, + "2022/12": 3, + "2022/11": 5, + "2022/10": 7, + "2022/9": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-10-01T05:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2017-09-18T19:06:47Z", + "ossf_scorecard": { + "date": "2025-02-23T16:39:32Z", + "repo": { + "name": "github.com/CMSgov/qpp-file-upload-api-client", + "commit": "3422dcd806b0768c8d6b3b22bca109c0d72060f0" }, - "predominant_langs": { - "JavaScript": 51510 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "qpp-file-upload-api-client", - "33 days 13:31:32.1" - ] + "score": 4.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 1, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "3 out of 21 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 6 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 6, + "reason": "dependency not pinned by hash detected -- score normalized to 6", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "12 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 51510, + "CodeBytes": 0, + "Lines": 1463, + "Code": 1144, + "Comment": 166, + "Blank": 153, + "Complexity": 87, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 3858, + "CodeBytes": 0, + "Lines": 170, + "Code": 137, + "Comment": 1, + "Blank": 32, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 6189, + "CodeBytes": 0, + "Lines": 236, + "Code": 235, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 13346, + "CodeBytes": 0, + "Lines": 291, + "Code": 210, + "Comment": 0, + "Blank": 81, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 3576, + "CodeBytes": 0, + "Lines": 104, + "Code": 104, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript Typings", + "Bytes": 139, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 49055.480507903456, + "estimatedScheduleMonths_low": 4.529894470155126, + "estimatedPeople_low": 1.0549914923851864, + "estimatedCost_high": 152878.30247599838, + "estimatedScheduleMonths_high": 4.529894470155126, + "estimatedPeople_high": 1.0549914923851864, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 8 1463 153 166 1144 87\n(ULOC) 686\n-------------------------------------------------------------------------------\nYAML 6 170 32 1 137 0\n(ULOC) 93\n-------------------------------------------------------------------------------\nJSON 4 236 1 0 235 0\n(ULOC) 159\n-------------------------------------------------------------------------------\nMarkdown 4 291 81 0 210 0\n(ULOC) 186\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTOML 1 104 0 0 104 0\n(ULOC) 77\n-------------------------------------------------------------------------------\nTypeScript Typings 1 1 0 0 1 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 25 2381 287 167 1927 87\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1276\nDRYness % 0.54\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $53,792\nEstimated Schedule Effort (organic) 4.53 months\nEstimated People Required (organic) 1.05\n───────────────────────────────────────────────────────────────────────────────\nProcessed 85173 bytes, 0.085 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 51510 + }, + "average_issue_resolution_time": [ + [ + "qpp-file-upload-api-client", + "33 days 13:31:32.1" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@babel/cli", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "@babel/preset-env", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "@babel/register", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "@snyk/protect", + 2.4712328767, + "2025-03-01T04:26:01.000" + ], + [ + "axios", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "babel-loader", + 0.4493150685, + "2025-03-01T04:26:01.000" + ], + [ + "chai", + 0.5589041096, + "2025-03-01T04:26:01.000" + ], + [ + "debug", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "eslint", + 3.5643835616, + "2025-03-01T04:26:01.000" + ], + [ + "mocha", + 2.8136986301, + "2025-03-01T04:26:01.000" + ], + [ + "nyc", + 4.304109589, + "2025-03-01T04:26:01.000" + ], + [ + "pre-push", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "rimraf", + 4.4191780822, + "2025-03-01T04:26:01.000" + ], + [ + "sinon", + 3.1342465753, + "2025-03-01T04:26:01.000" + ], + [ + "snyk", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "tar", + 0.3452054795, + "2025-03-01T04:26:01.000" + ], + [ + "terser-webpack-plugin", + 0.0, + "2025-03-01T04:26:01.000" + ], + [ + "webpack", + 0.0, + "2025-03-01T04:26:01.000" ], - "repo_dependency_libyear_list": [ - [ - "@babel/cli", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "@babel/preset-env", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "@babel/register", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "@snyk/protect", - 2.4712328767, - "2025-03-01T04:26:01.000" - ], - [ - "axios", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "babel-loader", - 0.4493150685, - "2025-03-01T04:26:01.000" - ], - [ - "chai", - 0.5589041096, - "2025-03-01T04:26:01.000" - ], - [ - "debug", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "eslint", - 3.5643835616, - "2025-03-01T04:26:01.000" - ], - [ - "mocha", - 2.8136986301, - "2025-03-01T04:26:01.000" - ], - [ - "nyc", - 4.304109589, - "2025-03-01T04:26:01.000" - ], - [ - "pre-push", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "rimraf", - 4.4191780822, - "2025-03-01T04:26:01.000" - ], - [ - "sinon", - 3.1342465753, - "2025-03-01T04:26:01.000" - ], - [ - "snyk", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "tar", - 0.3452054795, - "2025-03-01T04:26:01.000" - ], - [ - "terser-webpack-plugin", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "webpack", - 0.0, - "2025-03-01T04:26:01.000" - ], - [ - "webpack-cli", - 2.9068493151, - "2025-03-01T04:26:01.000" - ] + [ + "webpack-cli", + 2.9068493151, + "2025-03-01T04:26:01.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/qpp-measures-data/qpp-measures-data_data.json b/app/site/_data/CMSgov/qpp-measures-data/qpp-measures-data_data.json index 3ea595c78f..779d8af376 100644 --- a/app/site/_data/CMSgov/qpp-measures-data/qpp-measures-data_data.json +++ b/app/site/_data/CMSgov/qpp-measures-data/qpp-measures-data_data.json @@ -1,509 +1,509 @@ { - "url": "https://github.com/CMSgov/qpp-measures-data", - "owner": "CMSgov", - "name": "qpp-measures-data", - "description": "QPP Measures Data", - "commits_count": 2012, - "issues_count": 19, - "open_issues_count": 0, - "closed_issues_count": 19, - "pull_requests_count": 828, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 733, - "closed_pull_requests_count": 94, - "forks_count": 47, - "stargazers_count": 91, - "watchers_count": 76, - "total_project_lines": 1667578, - "average_project_lines": 2485, - "total_project_comment_lines": 2585, - "average_project_comment_lines": 4, - "total_project_blank_lines": 6583, - "average_blank_lines": 10, - "commits_by_month": { - "2025/2": 23, - "2025/1": 7 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-09-20T05:00:00.000Z", - 1 - ], - [ - "2024-09-23T05:00:00.000Z", - 1 - ], - [ - "2024-09-24T05:00:00.000Z", - 1 - ], - [ - "2024-09-25T05:00:00.000Z", - 2 - ], - [ - "2024-10-03T05:00:00.000Z", - 2 - ], - [ - "2024-11-21T06:00:00.000Z", - 2 - ], - [ - "2024-12-03T06:00:00.000Z", - 1 - ], - [ - "2024-12-06T06:00:00.000Z", - 1 - ], - [ - "2024-12-23T06:00:00.000Z", - 2 - ] + "url": "https://github.com/CMSgov/qpp-measures-data", + "owner": "CMSgov", + "name": "qpp-measures-data", + "description": "QPP Measures Data", + "commits_count": 2012, + "issues_count": 19, + "open_issues_count": 0, + "closed_issues_count": 19, + "pull_requests_count": 828, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 733, + "closed_pull_requests_count": 94, + "forks_count": 47, + "stargazers_count": 91, + "watchers_count": 76, + "total_project_lines": 1667578, + "average_project_lines": 2485, + "total_project_comment_lines": 2585, + "average_project_comment_lines": 4, + "total_project_blank_lines": 6583, + "average_blank_lines": 10, + "commits_by_month": { + "2025/2": 23, + "2025/1": 7 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-09-20T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [ - [ - "2025-02-10T06:00:00.000Z", - 1 - ] + [ + "2024-09-23T05:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_six_months": [ - [ - "2025-02-10T06:00:00.000Z", - 1 - ] + [ + "2024-09-24T05:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2017-01-06T18:57:02Z", - "ossf_scorecard": { - "date": "2025-02-23T16:32:59Z", - "repo": { - "name": "github.com/CMSgov/qpp-measures-data", - "commit": "95f7d47dc0c59085988f2678c0aa373a809f8715" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 6.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "8 out of 8 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 5, - "reason": "Found 8/14 approved changesets -- score normalized to 5", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 6 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 3, - "reason": "dependency not pinned by hash detected -- score normalized to 3", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 9, - "reason": "SAST tool is not run on all commits -- score normalized to 9", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 9, - "reason": "1 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "CSV", - "Bytes": 17856767, - "CodeBytes": 0, - "Lines": 269630, - "Code": 266193, - "Comment": 0, - "Blank": 3437, - "Complexity": 0, - "Count": 244, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 46124389, - "CodeBytes": 0, - "Lines": 1543920, - "Code": 1543907, - "Comment": 0, - "Blank": 13, - "Complexity": 0, - "Count": 196, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 369873, - "CodeBytes": 0, - "Lines": 10381, - "Code": 8649, - "Comment": 478, - "Blank": 1254, - "Complexity": 945, - "Count": 82, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 317361, - "CodeBytes": 0, - "Lines": 8757, - "Code": 6083, - "Comment": 1777, - "Blank": 897, - "Complexity": 903, - "Count": 72, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 276536, - "CodeBytes": 0, - "Lines": 7091, - "Code": 6745, - "Comment": 46, - "Blank": 300, - "Complexity": 0, - "Count": 46, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 130619, - "CodeBytes": 0, - "Lines": 3420, - "Code": 2897, - "Comment": 166, - "Blank": 357, - "Complexity": 312, - "Count": 20, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 35422, - "CodeBytes": 0, - "Lines": 768, - "Code": 472, - "Comment": 118, - "Blank": 178, - "Complexity": 33, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 44626, - "CodeBytes": 0, - "Lines": 673, - "Code": 537, - "Comment": 0, - "Blank": 136, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 5393648, - "CodeBytes": 0, - "Lines": 114756, - "Code": 114476, - "Comment": 0, - "Blank": 280, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 643, - "CodeBytes": 0, - "Lines": 29, - "Code": 20, - "Comment": 0, - "Blank": 9, - "Complexity": 3, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "INI", - "Bytes": 50, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 329, - "CodeBytes": 0, - "Lines": 8, - "Code": 6, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 96, - "CodeBytes": 0, - "Lines": 5, - "Code": 3, - "Comment": 1, - "Blank": 1, - "Complexity": 2, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 70160994.62418601, - "estimatedScheduleMonths_low": 71.63795862497571, - "estimatedPeople_low": 95.41178992895367, - "estimatedCost_high": 218652302.39555186, - "estimatedScheduleMonths_high": 71.63795862497571, - "estimatedPeople_high": 95.41178992895367, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCSV 244 269630 3437 0 266193 0\n(ULOC) 157819\n-------------------------------------------------------------------------------\nJSON 196 1543920 13 0 1543907 0\n(ULOC) 70068\n-------------------------------------------------------------------------------\nTypeScript 82 10381 1254 478 8649 945\n(ULOC) 3857\n-------------------------------------------------------------------------------\nJavaScript 72 8757 897 1777 6083 903\n(ULOC) 2586\n-------------------------------------------------------------------------------\nYAML 46 7091 300 46 6745 0\n(ULOC) 991\n-------------------------------------------------------------------------------\nPython 20 3420 357 166 2897 312\n(ULOC) 2194\n-------------------------------------------------------------------------------\nBASH 14 768 178 118 472 33\n(ULOC) 338\n-------------------------------------------------------------------------------\nMarkdown 11 673 136 0 537 0\n(ULOC) 408\n-------------------------------------------------------------------------------\nXML 2 114756 280 0 114476 0\n(ULOC) 15451\n-------------------------------------------------------------------------------\nDockerfile 1 29 9 0 20 3\n(ULOC) 18\n-------------------------------------------------------------------------------\nINI 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nMakefile 1 8 2 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nShell 1 5 1 1 3 2\n(ULOC) 5\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 691 1959440 6864 2586 1949990 2198\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 253124\nDRYness % 0.13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $76,935,951\nEstimated Schedule Effort (organic) 71.64 months\nEstimated People Required (organic) 95.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 70550359 bytes, 70.550 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + [ + "2024-09-25T05:00:00.000Z", + 2 + ], + [ + "2024-10-03T05:00:00.000Z", + 2 + ], + [ + "2024-11-21T06:00:00.000Z", + 2 + ], + [ + "2024-12-03T06:00:00.000Z", + 1 + ], + [ + "2024-12-06T06:00:00.000Z", + 1 + ], + [ + "2024-12-23T06:00:00.000Z", + 2 + ] + ], + "new_issues_by_day_over_last_month": [ + [ + "2025-02-10T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_six_months": [ + [ + "2025-02-10T06:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2017-01-06T18:57:02Z", + "ossf_scorecard": { + "date": "2025-02-23T16:32:59Z", + "repo": { + "name": "github.com/CMSgov/qpp-measures-data", + "commit": "95f7d47dc0c59085988f2678c0aa373a809f8715" }, - "predominant_langs": { - "TypeScript": 369586, - "JavaScript": 317361, - "Python": 130619, - "Shell": 35518, - "Dockerfile": 643, - "Makefile": 329 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [ - [ - "qpp-measures-data", - "160 days 10:00:53.944444" - ] + "score": 6.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "8 out of 8 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 5, + "reason": "Found 8/14 approved changesets -- score normalized to 5", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 6 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 3, + "reason": "dependency not pinned by hash detected -- score normalized to 3", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 9, + "reason": "SAST tool is not run on all commits -- score normalized to 9", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 9, + "reason": "1 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "CSV", + "Bytes": 17856767, + "CodeBytes": 0, + "Lines": 269630, + "Code": 266193, + "Comment": 0, + "Blank": 3437, + "Complexity": 0, + "Count": 244, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 46121102, + "CodeBytes": 0, + "Lines": 1543837, + "Code": 1543824, + "Comment": 0, + "Blank": 13, + "Complexity": 0, + "Count": 196, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 369586, + "CodeBytes": 0, + "Lines": 10375, + "Code": 8643, + "Comment": 478, + "Blank": 1254, + "Complexity": 944, + "Count": 82, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 317361, + "CodeBytes": 0, + "Lines": 8757, + "Code": 6083, + "Comment": 1777, + "Blank": 897, + "Complexity": 903, + "Count": 72, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 276303, + "CodeBytes": 0, + "Lines": 7088, + "Code": 6742, + "Comment": 46, + "Blank": 300, + "Complexity": 0, + "Count": 46, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 130619, + "CodeBytes": 0, + "Lines": 3420, + "Code": 2897, + "Comment": 166, + "Blank": 357, + "Complexity": 312, + "Count": 20, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 35422, + "CodeBytes": 0, + "Lines": 768, + "Code": 472, + "Comment": 118, + "Blank": 178, + "Complexity": 33, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 44626, + "CodeBytes": 0, + "Lines": 673, + "Code": 537, + "Comment": 0, + "Blank": 136, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 5393648, + "CodeBytes": 0, + "Lines": 114756, + "Code": 114476, + "Comment": 0, + "Blank": 280, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 643, + "CodeBytes": 0, + "Lines": 29, + "Code": 20, + "Comment": 0, + "Blank": 9, + "Complexity": 3, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "INI", + "Bytes": 50, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 329, + "CodeBytes": 0, + "Lines": 8, + "Code": 6, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 96, + "CodeBytes": 0, + "Lines": 5, + "Code": 3, + "Comment": 1, + "Blank": 1, + "Complexity": 2, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 70157518.94272791, + "estimatedScheduleMonths_low": 71.63661004192222, + "estimatedPeople_low": 95.40885942676165, + "estimatedCost_high": 218641470.65410808, + "estimatedScheduleMonths_high": 71.63661004192222, + "estimatedPeople_high": 95.40885942676165, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nCSV 244 269630 3437 0 266193 0\n(ULOC) 157819\n-------------------------------------------------------------------------------\nJSON 196 1543837 13 0 1543824 0\n(ULOC) 70068\n-------------------------------------------------------------------------------\nTypeScript 82 10375 1254 478 8643 944\n(ULOC) 3853\n-------------------------------------------------------------------------------\nJavaScript 72 8757 897 1777 6083 903\n(ULOC) 2586\n-------------------------------------------------------------------------------\nYAML 46 7088 300 46 6742 0\n(ULOC) 991\n-------------------------------------------------------------------------------\nPython 20 3420 357 166 2897 312\n(ULOC) 2194\n-------------------------------------------------------------------------------\nBASH 14 768 178 118 472 33\n(ULOC) 338\n-------------------------------------------------------------------------------\nMarkdown 11 673 136 0 537 0\n(ULOC) 408\n-------------------------------------------------------------------------------\nXML 2 114756 280 0 114476 0\n(ULOC) 15451\n-------------------------------------------------------------------------------\nDockerfile 1 29 9 0 20 3\n(ULOC) 18\n-------------------------------------------------------------------------------\nINI 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nMakefile 1 8 2 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nShell 1 5 1 1 3 2\n(ULOC) 5\n───────────────────────────────────────────────────────────────────────────────\nTotal 691 1959348 6864 2586 1949898 2197\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 253120\nDRYness % 0.13\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $76,932,140\nEstimated Schedule Effort (organic) 71.64 months\nEstimated People Required (organic) 95.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 70546552 bytes, 70.547 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 369586, + "JavaScript": 317361, + "Python": 130619, + "Shell": 35518, + "Dockerfile": 643, + "Makefile": 329 + }, + "average_issue_resolution_time": [ + [ + "qpp-measures-data", + "160 days 10:00:53.944444" + ] + ], + "repo_dependency_libyear_list": [ + [ + "numpy", + 0.0, + "2025-01-01T18:34:24.000" ], - "repo_dependency_libyear_list": [ - [ - "numpy", - 0.0, - "2025-01-01T18:34:24.000" - ], - [ - "pandas", - 0.0, - "2025-01-01T18:34:24.000" - ] + [ + "pandas", + 0.0, + "2025-01-01T18:34:24.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/qpp-shared-api-versioning-node/qpp-shared-api-versioning-node_data.json b/app/site/_data/CMSgov/qpp-shared-api-versioning-node/qpp-shared-api-versioning-node_data.json index ceba7a7826..4583db4a7c 100644 --- a/app/site/_data/CMSgov/qpp-shared-api-versioning-node/qpp-shared-api-versioning-node_data.json +++ b/app/site/_data/CMSgov/qpp-shared-api-versioning-node/qpp-shared-api-versioning-node_data.json @@ -1,391 +1,391 @@ { - "url": "https://github.com/CMSgov/qpp-shared-api-versioning-node", - "owner": "CMSgov", - "name": "qpp-shared-api-versioning-node", - "description": "The middleware package parses incoming headers to determine the version of the API to be consumed.", - "commits_count": 23, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 18, - "open_pull_requests_count": 7, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 10, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 17, - "total_project_lines": 843, - "average_project_lines": 53, - "total_project_comment_lines": 27, - "average_project_comment_lines": 2, - "total_project_blank_lines": 175, - "average_blank_lines": 11, - "commits_by_month": { - "2020/12": 6, - "2020/9": 1, - "2020/8": 3, - "2017/12": 1, - "2017/11": 6, - "2017/10": 6 + "url": "https://github.com/CMSgov/qpp-shared-api-versioning-node", + "owner": "CMSgov", + "name": "qpp-shared-api-versioning-node", + "description": "The middleware package parses incoming headers to determine the version of the API to be consumed.", + "commits_count": 23, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 18, + "open_pull_requests_count": 7, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 10, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 17, + "total_project_lines": 843, + "average_project_lines": 53, + "total_project_comment_lines": 27, + "average_project_comment_lines": 2, + "total_project_blank_lines": 175, + "average_blank_lines": 11, + "commits_by_month": { + "2020/12": 6, + "2020/9": 1, + "2020/8": 3, + "2017/12": 1, + "2017/11": 6, + "2017/10": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-10-01T12:20:21Z", + "ossf_scorecard": { + "date": "2025-02-23T16:44:54Z", + "repo": { + "name": "github.com/CMSgov/qpp-shared-api-versioning-node", + "commit": "750a8b3b9f29aeb0bb1ed1bb6f1440a2763daae9" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-10-01T12:20:21Z", - "ossf_scorecard": { - "date": "2025-02-23T16:44:54Z", - "repo": { - "name": "github.com/CMSgov/qpp-shared-api-versioning-node", - "commit": "750a8b3b9f29aeb0bb1ed1bb6f1440a2763daae9" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/23 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 6, - "reason": "dependency not pinned by hash detected -- score normalized to 6", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 4, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "28 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11230, - "CodeBytes": 0, - "Lines": 300, - "Code": 207, - "Comment": 0, - "Blank": 93, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 4159, - "CodeBytes": 0, - "Lines": 159, - "Code": 107, - "Comment": 24, - "Blank": 28, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 7325, - "CodeBytes": 0, - "Lines": 205, - "Code": 172, - "Comment": 3, - "Blank": 30, - "Complexity": 26, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 1282, - "CodeBytes": 0, - "Lines": 50, - "Code": 50, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 368, - "CodeBytes": 0, - "Lines": 13, - "Code": 9, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 15444.102122027654, - "estimatedScheduleMonths_low": 2.919823733055316, - "estimatedPeople_low": 0.5152945372157588, - "estimatedCost_high": 48130.56749696203, - "estimatedScheduleMonths_high": 2.919823733055316, - "estimatedPeople_high": 0.5152945372157588, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 6 300 93 0 207 0\n(ULOC) 185\n-------------------------------------------------------------------------------\nYAML 4 159 28 24 107 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nJavaScript 3 205 30 3 172 26\n(ULOC) 114\n-------------------------------------------------------------------------------\nJSON 1 50 0 0 50 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nProperties File 1 13 4 0 9 0\n(ULOC) 10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 16 843 175 27 641 26\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 545\nDRYness % 0.65\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $16,935\nEstimated Schedule Effort (organic) 2.92 months\nEstimated People Required (organic) 0.52\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 30919 bytes, 0.031 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 7325 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "chai", - 7.4602739726, - "2025-03-01T04:21:35.000" - ], - [ - "eslint", - 7.3616438356, - "2025-03-01T04:21:35.000" - ], - [ - "eslint-config-standard", - 6.1232876712, - "2025-03-01T04:21:35.000" - ], - [ - "eslint-plugin-promise", - 7.1260273973, - "2025-03-01T04:21:35.000" - ], - [ - "eslint-plugin-standard", - 3.6328767123, - "2025-03-01T04:21:35.000" - ], - [ - "mocha", - 3.6575342466, - "2025-03-01T04:21:35.000" - ], - [ - "nyc", - 4.304109589, - "2025-03-01T04:21:35.000" - ], - [ - "opn-cli", - 3.2520547945, - "2025-03-01T04:21:35.000" - ], - [ - "sinon", - 6.9479452055, - "2025-03-01T04:21:35.000" - ], - [ - "standard", - 7.1068493151, - "2025-03-01T04:21:35.000" - ] + "score": 2.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/23 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 6, + "reason": "dependency not pinned by hash detected -- score normalized to 6", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 4, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "28 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11230, + "CodeBytes": 0, + "Lines": 300, + "Code": 207, + "Comment": 0, + "Blank": 93, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 4159, + "CodeBytes": 0, + "Lines": 159, + "Code": 107, + "Comment": 24, + "Blank": 28, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 7325, + "CodeBytes": 0, + "Lines": 205, + "Code": 172, + "Comment": 3, + "Blank": 30, + "Complexity": 26, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 1282, + "CodeBytes": 0, + "Lines": 50, + "Code": 50, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 368, + "CodeBytes": 0, + "Lines": 13, + "Code": 9, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 15444.102122027654, + "estimatedScheduleMonths_low": 2.919823733055316, + "estimatedPeople_low": 0.5152945372157588, + "estimatedCost_high": 48130.56749696203, + "estimatedScheduleMonths_high": 2.919823733055316, + "estimatedPeople_high": 0.5152945372157588, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 6 300 93 0 207 0\n(ULOC) 185\n-------------------------------------------------------------------------------\nYAML 4 159 28 24 107 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nJavaScript 3 205 30 3 172 26\n(ULOC) 114\n-------------------------------------------------------------------------------\nJSON 1 50 0 0 50 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nProperties File 1 13 4 0 9 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 16 843 175 27 641 26\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 545\nDRYness % 0.65\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $16,935\nEstimated Schedule Effort (organic) 2.92 months\nEstimated People Required (organic) 0.52\n───────────────────────────────────────────────────────────────────────────────\nProcessed 30919 bytes, 0.031 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 7325 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "chai", + 7.4602739726, + "2025-03-01T04:21:35.000" + ], + [ + "eslint", + 7.3616438356, + "2025-03-01T04:21:35.000" + ], + [ + "eslint-config-standard", + 6.1232876712, + "2025-03-01T04:21:35.000" + ], + [ + "eslint-plugin-promise", + 7.1260273973, + "2025-03-01T04:21:35.000" + ], + [ + "eslint-plugin-standard", + 3.6328767123, + "2025-03-01T04:21:35.000" + ], + [ + "mocha", + 3.6575342466, + "2025-03-01T04:21:35.000" + ], + [ + "nyc", + 4.304109589, + "2025-03-01T04:21:35.000" + ], + [ + "opn-cli", + 3.2520547945, + "2025-03-01T04:21:35.000" + ], + [ + "sinon", + 6.9479452055, + "2025-03-01T04:21:35.000" + ], + [ + "standard", + 7.1068493151, + "2025-03-01T04:21:35.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/qpp-shared-healthcheck-node/qpp-shared-healthcheck-node_data.json b/app/site/_data/CMSgov/qpp-shared-healthcheck-node/qpp-shared-healthcheck-node_data.json index fab94da877..b578939ac3 100644 --- a/app/site/_data/CMSgov/qpp-shared-healthcheck-node/qpp-shared-healthcheck-node_data.json +++ b/app/site/_data/CMSgov/qpp-shared-healthcheck-node/qpp-shared-healthcheck-node_data.json @@ -1,339 +1,339 @@ { - "url": "https://github.com/CMSgov/qpp-shared-healthcheck-node", - "owner": "CMSgov", - "name": "qpp-shared-healthcheck-node", - "description": "Shared health check route for QPP services.", - "commits_count": 16, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 11, - "open_pull_requests_count": 8, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 2, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 26, - "total_project_lines": 716, - "average_project_lines": 48, - "total_project_comment_lines": 34, - "average_project_comment_lines": 2, - "total_project_blank_lines": 146, - "average_blank_lines": 10, - "commits_by_month": { - "2020/12": 6, - "2020/8": 1, - "2018/11": 2, - "2018/4": 1, - "2017/11": 6 + "url": "https://github.com/CMSgov/qpp-shared-healthcheck-node", + "owner": "CMSgov", + "name": "qpp-shared-healthcheck-node", + "description": "Shared health check route for QPP services.", + "commits_count": 16, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 11, + "open_pull_requests_count": 8, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 2, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 26, + "total_project_lines": 716, + "average_project_lines": 48, + "total_project_comment_lines": 34, + "average_project_comment_lines": 2, + "total_project_blank_lines": 146, + "average_blank_lines": 10, + "commits_by_month": { + "2020/12": 6, + "2020/8": 1, + "2018/11": 2, + "2018/4": 1, + "2017/11": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-10-01T12:19:34Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:52Z", + "repo": { + "name": "github.com/CMSgov/qpp-shared-healthcheck-node", + "commit": "4136c92ea59f78c2c875ef193e4190999ba78ecb" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-10-01T12:19:34Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:52Z", - "repo": { - "name": "github.com/CMSgov/qpp-shared-healthcheck-node", - "commit": "4136c92ea59f78c2c875ef193e4190999ba78ecb" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/16 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 5, - "reason": "dependency not pinned by hash detected -- score normalized to 5", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 4, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "17 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11229, - "CodeBytes": 0, - "Lines": 278, - "Code": 198, - "Comment": 0, - "Blank": 80, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 3534, - "CodeBytes": 0, - "Lines": 143, - "Code": 94, - "Comment": 24, - "Blank": 25, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 3723, - "CodeBytes": 0, - "Lines": 142, - "Code": 115, - "Comment": 10, - "Blank": 17, - "Complexity": 6, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 569, - "CodeBytes": 0, - "Lines": 24, - "Code": 24, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 345, - "CodeBytes": 0, - "Lines": 13, - "Code": 9, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 12799.257099576724, - "estimatedScheduleMonths_low": 2.7186733599721986, - "estimatedPeople_low": 0.4586456082415519, - "estimatedCost_high": 39888.07525841903, - "estimatedScheduleMonths_high": 2.7186733599721986, - "estimatedPeople_high": 0.4586456082415519, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 6 278 80 0 198 0\n(ULOC) 180\n-------------------------------------------------------------------------------\nYAML 4 143 25 24 94 0\n(ULOC) 86\n-------------------------------------------------------------------------------\nJavaScript 2 142 17 10 115 6\n(ULOC) 88\n-------------------------------------------------------------------------------\nJSON 1 24 0 0 24 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nProperties File 1 13 4 0 9 0\n(ULOC) 10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 15 716 146 34 536 6\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 473\nDRYness % 0.66\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $14,035\nEstimated Schedule Effort (organic) 2.72 months\nEstimated People Required (organic) 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 25955 bytes, 0.026 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 3723 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/16 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 5, + "reason": "dependency not pinned by hash detected -- score normalized to 5", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 4, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "17 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11229, + "CodeBytes": 0, + "Lines": 278, + "Code": 198, + "Comment": 0, + "Blank": 80, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 3534, + "CodeBytes": 0, + "Lines": 143, + "Code": 94, + "Comment": 24, + "Blank": 25, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 3723, + "CodeBytes": 0, + "Lines": 142, + "Code": 115, + "Comment": 10, + "Blank": 17, + "Complexity": 6, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 569, + "CodeBytes": 0, + "Lines": 24, + "Code": 24, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 345, + "CodeBytes": 0, + "Lines": 13, + "Code": 9, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 12799.257099576724, + "estimatedScheduleMonths_low": 2.7186733599721986, + "estimatedPeople_low": 0.4586456082415519, + "estimatedCost_high": 39888.07525841903, + "estimatedScheduleMonths_high": 2.7186733599721986, + "estimatedPeople_high": 0.4586456082415519, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 6 278 80 0 198 0\n(ULOC) 180\n-------------------------------------------------------------------------------\nYAML 4 143 25 24 94 0\n(ULOC) 86\n-------------------------------------------------------------------------------\nJavaScript 2 142 17 10 115 6\n(ULOC) 88\n-------------------------------------------------------------------------------\nJSON 1 24 0 0 24 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nProperties File 1 13 4 0 9 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 716 146 34 536 6\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 473\nDRYness % 0.66\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $14,035\nEstimated Schedule Effort (organic) 2.72 months\nEstimated People Required (organic) 0.46\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25955 bytes, 0.026 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 3723 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/qpp-shared-logger-node/qpp-shared-logger-node_data.json b/app/site/_data/CMSgov/qpp-shared-logger-node/qpp-shared-logger-node_data.json index eea6a91600..bb0828e222 100644 --- a/app/site/_data/CMSgov/qpp-shared-logger-node/qpp-shared-logger-node_data.json +++ b/app/site/_data/CMSgov/qpp-shared-logger-node/qpp-shared-logger-node_data.json @@ -1,625 +1,625 @@ { - "url": "https://github.com/CMSgov/qpp-shared-logger-node", - "owner": "CMSgov", - "name": "qpp-shared-logger-node", - "description": "Common QPP logger that is shared across the different teams", - "commits_count": 141, - "issues_count": 1, - "open_issues_count": 1, - "closed_issues_count": 0, - "pull_requests_count": 56, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 31, - "closed_pull_requests_count": 24, - "forks_count": 3, - "stargazers_count": 2, - "watchers_count": 20, - "total_project_lines": 2505, - "average_project_lines": 81, - "total_project_comment_lines": 122, - "average_project_comment_lines": 4, - "total_project_blank_lines": 347, - "average_blank_lines": 11, - "commits_by_month": { - "2024/12": 1, - "2024/6": 2, - "2023/7": 23, - "2023/1": 4 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-12-19T06:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2020-10-01T12:18:35Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:45Z", - "repo": { - "name": "github.com/CMSgov/qpp-shared-logger-node", - "commit": "427542f2f398ba1126f4dcdd7e1c451ed1f44a19" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 4.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 8, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 2, - "reason": "2 out of 7 merged PRs checked by a CI test -- score normalized to 2", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 7, - "reason": "Found 5/7 approved changesets -- score normalized to 7", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 8 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 0, - "reason": "dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 5, - "reason": "dependency not pinned by hash detected -- score normalized to 5", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 7, - "reason": "SAST tool detected but not run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 4, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 2, - "reason": "8 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 47164, - "CodeBytes": 0, - "Lines": 1360, - "Code": 1176, - "Comment": 49, - "Blank": 135, - "Complexity": 97, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 21535, - "CodeBytes": 0, - "Lines": 435, - "Code": 312, - "Comment": 0, - "Blank": 123, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 8641, - "CodeBytes": 0, - "Lines": 290, - "Code": 189, - "Comment": 53, - "Blank": 48, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 3684, - "CodeBytes": 0, - "Lines": 156, - "Code": 156, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 3757, - "CodeBytes": 0, - "Lines": 135, - "Code": 98, - "Comment": 20, - "Blank": 17, - "Complexity": 14, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 365, - "CodeBytes": 0, - "Lines": 13, - "Code": 9, - "Comment": 0, - "Blank": 4, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 51973.07300184891, - "estimatedScheduleMonths_low": 4.630443743550191, - "estimatedPeople_low": 1.0934660204491848, - "estimatedCost_high": 161970.79495946792, - "estimatedScheduleMonths_high": 4.630443743550191, - "estimatedPeople_high": 1.0934660204491848, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 8 1360 135 49 1176 97\n(ULOC) 758\n-------------------------------------------------------------------------------\nMarkdown 7 435 123 0 312 0\n(ULOC) 279\n-------------------------------------------------------------------------------\nYAML 6 290 48 53 189 0\n(ULOC) 180\n-------------------------------------------------------------------------------\nJSON 4 156 0 0 156 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nJavaScript 4 135 17 20 98 14\n(ULOC) 98\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nProperties File 1 13 4 0 9 0\n(ULOC) 10\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 31 2505 347 122 2036 111\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1534\nDRYness % 0.61\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $56,991\nEstimated Schedule Effort (organic) 4.63 months\nEstimated People Required (organic) 1.09\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 91701 bytes, 0.092 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMSgov/qpp-shared-logger-node", + "owner": "CMSgov", + "name": "qpp-shared-logger-node", + "description": "Common QPP logger that is shared across the different teams", + "commits_count": 141, + "issues_count": 1, + "open_issues_count": 1, + "closed_issues_count": 0, + "pull_requests_count": 56, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 31, + "closed_pull_requests_count": 24, + "forks_count": 3, + "stargazers_count": 2, + "watchers_count": 20, + "total_project_lines": 2505, + "average_project_lines": 81, + "total_project_comment_lines": 122, + "average_project_comment_lines": 4, + "total_project_blank_lines": 347, + "average_blank_lines": 11, + "commits_by_month": { + "2024/12": 1, + "2024/6": 2, + "2023/7": 23, + "2023/1": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-12-19T06:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2020-10-01T12:18:35Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:45Z", + "repo": { + "name": "github.com/CMSgov/qpp-shared-logger-node", + "commit": "427542f2f398ba1126f4dcdd7e1c451ed1f44a19" }, - "predominant_langs": { - "TypeScript": 47164, - "JavaScript": 3757 + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@snyk/protect", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "@types/chai", - 0.0, - "2023-07-19T10:56:56.000" - ], - [ - "@types/chai", - 1.0301369863, - "2025-03-01T04:22:11.000" - ], - [ - "@types/mocha", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "@types/mocha", - 3.501369863, - "2023-07-19T10:56:56.000" - ], - [ - "@types/morgan", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "@types/node", - 1.2684931507, - "2025-03-01T04:22:11.000" - ], - [ - "@types/node", - 3.2821917808, - "2023-07-19T10:56:56.000" - ], - [ - "@types/winston", - 0.0, - "2023-07-19T10:56:56.000" - ], - [ - "@typescript-eslint/parser", - 1.0520547945, - "2025-03-01T04:22:11.000" - ], - [ - "chai", - 0.0, - "2023-07-19T10:56:56.000" - ], - [ - "chai", - 0.5589041096, - "2025-03-01T04:22:11.000" - ], - [ - "eslint", - 0.4328767123, - "2025-03-01T04:22:11.000" - ], - [ - "eslint", - 5.3150684932, - "2023-07-19T10:56:56.000" - ], - [ - "eslint-config-prettier", - 1.5890410959, - "2025-03-01T04:22:11.000" - ], - [ - "eslint-config-prettier", - 5.3150684932, - "2023-07-19T10:56:56.000" - ], - [ - "eslint-plugin-prettier", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "eslint-plugin-prettier", - 4.7890410959, - "2023-07-19T10:56:56.000" - ], - [ - "husky", - 1.202739726, - "2023-07-19T10:56:56.000" - ], - [ - "husky", - 1.8767123288, - "2025-03-01T04:22:11.000" - ], - [ - "lodash", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "mocha", - 0.1726027397, - "2025-03-01T04:22:11.000" - ], - [ - "mocha", - 2.5534246575, - "2023-07-19T10:56:56.000" - ], - [ - "moment", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "morgan", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "nyc", - 0.0, - "2023-07-19T10:56:56.000" - ], - [ - "nyc", - 4.304109589, - "2025-03-01T04:22:11.000" - ], - [ - "prettier", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "prettier", - 0.2, - "2023-07-19T10:56:56.000" - ], - [ - "rimraf", - -0.0602739726, - "2025-03-01T04:22:11.000" - ], - [ - "rimraf", - 3.2684931507, - "2023-07-19T10:56:56.000" - ], - [ - "rotating-file-stream", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "rotating-file-stream", - 3.3095890411, - "2023-07-19T10:56:56.000" - ], - [ - "sinon", - 1.2328767123, - "2025-03-01T04:22:11.000" - ], - [ - "sinon", - 5.2273972603, - "2023-07-19T10:56:56.000" - ], - [ - "snyk", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "snyk", - 0.8602739726, - "2023-07-19T10:56:56.000" - ], - [ - "ts-node", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "ts-node", - 4.0602739726, - "2023-07-19T10:56:56.000" - ], - [ - "ts-node-dev", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "ts-node-dev", - 0.901369863, - "2023-07-19T10:56:56.000" - ], - [ - "tsconfig-paths", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "tsconfig-paths", - 3.5452054795, - "2023-07-19T10:56:56.000" - ], - [ - "tslint", - 0.7342465753, - "2023-07-19T10:56:56.000" - ], - [ - "tslint-config-airbnb", - 1.3342465753, - "2023-07-19T10:56:56.000" - ], - [ - "typescript", - -0.002739726, - "2025-03-01T04:22:11.000" - ], - [ - "typescript", - 2.0328767123, - "2023-07-19T10:56:56.000" - ], - [ - "winston", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "winston", - 0.1232876712, - "2023-07-19T10:56:56.000" - ], - [ - "winston-daily-rotate-file", - 0.0, - "2023-07-19T10:56:56.000" - ], - [ - "winston-daily-rotate-file", - 1.695890411, - "2025-03-01T04:22:11.000" - ], - [ - "winston-splunk-httplogger", - 0.0, - "2025-03-01T04:22:11.000" - ], - [ - "winston-transport", - 0.0, - "2025-03-01T04:22:11.000" - ] + "score": 4.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 8, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 2, + "reason": "2 out of 7 merged PRs checked by a CI test -- score normalized to 2", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 7, + "reason": "Found 5/7 approved changesets -- score normalized to 7", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 8 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 0, + "reason": "dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 5, + "reason": "dependency not pinned by hash detected -- score normalized to 5", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 7, + "reason": "SAST tool detected but not run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 4, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 2, + "reason": "8 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 47164, + "CodeBytes": 0, + "Lines": 1360, + "Code": 1176, + "Comment": 49, + "Blank": 135, + "Complexity": 97, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 21535, + "CodeBytes": 0, + "Lines": 435, + "Code": 312, + "Comment": 0, + "Blank": 123, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 8641, + "CodeBytes": 0, + "Lines": 290, + "Code": 189, + "Comment": 53, + "Blank": 48, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 3684, + "CodeBytes": 0, + "Lines": 156, + "Code": 156, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 3757, + "CodeBytes": 0, + "Lines": 135, + "Code": 98, + "Comment": 20, + "Blank": 17, + "Complexity": 14, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 365, + "CodeBytes": 0, + "Lines": 13, + "Code": 9, + "Comment": 0, + "Blank": 4, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 51973.07300184891, + "estimatedScheduleMonths_low": 4.630443743550191, + "estimatedPeople_low": 1.0934660204491848, + "estimatedCost_high": 161970.79495946792, + "estimatedScheduleMonths_high": 4.630443743550191, + "estimatedPeople_high": 1.0934660204491848, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 8 1360 135 49 1176 97\n(ULOC) 758\n-------------------------------------------------------------------------------\nMarkdown 7 435 123 0 312 0\n(ULOC) 279\n-------------------------------------------------------------------------------\nYAML 6 290 48 53 189 0\n(ULOC) 180\n-------------------------------------------------------------------------------\nJSON 4 156 0 0 156 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nJavaScript 4 135 17 20 98 14\n(ULOC) 98\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nProperties File 1 13 4 0 9 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 31 2505 347 122 2036 111\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1534\nDRYness % 0.61\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $56,991\nEstimated Schedule Effort (organic) 4.63 months\nEstimated People Required (organic) 1.09\n───────────────────────────────────────────────────────────────────────────────\nProcessed 91701 bytes, 0.092 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "TypeScript": 47164, + "JavaScript": 3757 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@snyk/protect", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "@types/chai", + 0.0, + "2023-07-19T10:56:56.000" + ], + [ + "@types/chai", + 1.0301369863, + "2025-03-01T04:22:11.000" + ], + [ + "@types/mocha", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "@types/mocha", + 3.501369863, + "2023-07-19T10:56:56.000" + ], + [ + "@types/morgan", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "@types/node", + 1.2684931507, + "2025-03-01T04:22:11.000" + ], + [ + "@types/node", + 3.2821917808, + "2023-07-19T10:56:56.000" + ], + [ + "@types/winston", + 0.0, + "2023-07-19T10:56:56.000" + ], + [ + "@typescript-eslint/parser", + 1.0520547945, + "2025-03-01T04:22:11.000" + ], + [ + "chai", + 0.0, + "2023-07-19T10:56:56.000" + ], + [ + "chai", + 0.5589041096, + "2025-03-01T04:22:11.000" + ], + [ + "eslint", + 0.4328767123, + "2025-03-01T04:22:11.000" + ], + [ + "eslint", + 5.3150684932, + "2023-07-19T10:56:56.000" + ], + [ + "eslint-config-prettier", + 1.5890410959, + "2025-03-01T04:22:11.000" + ], + [ + "eslint-config-prettier", + 5.3150684932, + "2023-07-19T10:56:56.000" + ], + [ + "eslint-plugin-prettier", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "eslint-plugin-prettier", + 4.7890410959, + "2023-07-19T10:56:56.000" + ], + [ + "husky", + 1.202739726, + "2023-07-19T10:56:56.000" + ], + [ + "husky", + 1.8767123288, + "2025-03-01T04:22:11.000" + ], + [ + "lodash", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "mocha", + 0.1726027397, + "2025-03-01T04:22:11.000" + ], + [ + "mocha", + 2.5534246575, + "2023-07-19T10:56:56.000" + ], + [ + "moment", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "morgan", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "nyc", + 0.0, + "2023-07-19T10:56:56.000" + ], + [ + "nyc", + 4.304109589, + "2025-03-01T04:22:11.000" + ], + [ + "prettier", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "prettier", + 0.2, + "2023-07-19T10:56:56.000" + ], + [ + "rimraf", + -0.0602739726, + "2025-03-01T04:22:11.000" + ], + [ + "rimraf", + 3.2684931507, + "2023-07-19T10:56:56.000" + ], + [ + "rotating-file-stream", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "rotating-file-stream", + 3.3095890411, + "2023-07-19T10:56:56.000" + ], + [ + "sinon", + 1.2328767123, + "2025-03-01T04:22:11.000" + ], + [ + "sinon", + 5.2273972603, + "2023-07-19T10:56:56.000" + ], + [ + "snyk", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "snyk", + 0.8602739726, + "2023-07-19T10:56:56.000" + ], + [ + "ts-node", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "ts-node", + 4.0602739726, + "2023-07-19T10:56:56.000" + ], + [ + "ts-node-dev", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "ts-node-dev", + 0.901369863, + "2023-07-19T10:56:56.000" + ], + [ + "tsconfig-paths", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "tsconfig-paths", + 3.5452054795, + "2023-07-19T10:56:56.000" + ], + [ + "tslint", + 0.7342465753, + "2023-07-19T10:56:56.000" + ], + [ + "tslint-config-airbnb", + 1.3342465753, + "2023-07-19T10:56:56.000" + ], + [ + "typescript", + -0.002739726, + "2025-03-01T04:22:11.000" + ], + [ + "typescript", + 2.0328767123, + "2023-07-19T10:56:56.000" + ], + [ + "winston", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "winston", + 0.1232876712, + "2023-07-19T10:56:56.000" + ], + [ + "winston-daily-rotate-file", + 0.0, + "2023-07-19T10:56:56.000" + ], + [ + "winston-daily-rotate-file", + 1.695890411, + "2025-03-01T04:22:11.000" + ], + [ + "winston-splunk-httplogger", + 0.0, + "2025-03-01T04:22:11.000" + ], + [ + "winston-transport", + 0.0, + "2025-03-01T04:22:11.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMSgov/rato-website/rato-website_data.json b/app/site/_data/CMSgov/rato-website/rato-website_data.json index 03dd5e965b..51da6d3e6b 100644 --- a/app/site/_data/CMSgov/rato-website/rato-website_data.json +++ b/app/site/_data/CMSgov/rato-website/rato-website_data.json @@ -1,360 +1,360 @@ { - "url": "https://github.com/CMSgov/rato-website", - "owner": "CMSgov", - "name": "rato-website", - "description": "Rapid ATO website content focused on demystifying security & compliance at CMS.", - "commits_count": 81, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 5, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 3, - "closed_pull_requests_count": 2, - "forks_count": 3, - "stargazers_count": 2, - "watchers_count": 17, - "total_project_lines": 63192, - "average_project_lines": 28, - "total_project_comment_lines": 5814, - "average_project_comment_lines": 3, - "total_project_blank_lines": 5432, - "average_blank_lines": 2, - "commits_by_month": { - "2023/7": 2, - "2023/6": 2, - "2022/10": 2, - "2022/5": 1, - "2021/11": 2, - "2021/10": 6, - "2021/9": 9, - "2021/8": 6 + "url": "https://github.com/CMSgov/rato-website", + "owner": "CMSgov", + "name": "rato-website", + "description": "Rapid ATO website content focused on demystifying security & compliance at CMS.", + "commits_count": 81, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 5, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 3, + "closed_pull_requests_count": 2, + "forks_count": 3, + "stargazers_count": 2, + "watchers_count": 17, + "total_project_lines": 63192, + "average_project_lines": 28, + "total_project_comment_lines": 5814, + "average_project_comment_lines": 3, + "total_project_blank_lines": 5432, + "average_blank_lines": 2, + "commits_by_month": { + "2023/7": 2, + "2023/6": 2, + "2022/10": 2, + "2022/5": 1, + "2021/11": 2, + "2021/10": 6, + "2021/9": 9, + "2021/8": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2021-02-25T21:26:52Z", + "ossf_scorecard": { + "date": "2025-02-23T16:41:01Z", + "repo": { + "name": "github.com/CMSgov/rato-website", + "commit": "02ed4303fa4a7d6f98aac2cc8b861bfca634dbe9" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2021-02-25T21:26:52Z", - "ossf_scorecard": { - "date": "2025-02-23T16:41:01Z", - "repo": { - "name": "github.com/CMSgov/rato-website", - "commit": "02ed4303fa4a7d6f98aac2cc8b861bfca634dbe9" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 3.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/26 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "SVG", - "Bytes": 857885, - "CodeBytes": 0, - "Lines": 1904, - "Code": 1904, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1870, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 655033, - "CodeBytes": 0, - "Lines": 26531, - "Code": 19417, - "Comment": 4222, - "Blank": 2892, - "Complexity": 305, - "Count": 329, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 254823, - "CodeBytes": 0, - "Lines": 4685, - "Code": 2710, - "Comment": 1171, - "Blank": 804, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 827361, - "CodeBytes": 0, - "Lines": 6985, - "Code": 5999, - "Comment": 414, - "Blank": 572, - "Complexity": 373, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 814499, - "CodeBytes": 0, - "Lines": 23042, - "Code": 21888, - "Comment": 7, - "Blank": 1147, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1511, - "CodeBytes": 0, - "Lines": 44, - "Code": 27, - "Comment": 0, - "Blank": 17, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 26, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1559162.7497549846, - "estimatedScheduleMonths_low": 16.86264017524975, - "estimatedPeople_low": 9.00773052934784, - "estimatedCost_high": 4859032.099949542, - "estimatedScheduleMonths_high": 16.86264017524975, - "estimatedPeople_high": 9.00773052934784, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nSVG 1870 1904 0 0 1904 0\n(ULOC) 1549\n-------------------------------------------------------------------------------\nSass 329 26531 2892 4222 19417 305\n(ULOC) 13314\n-------------------------------------------------------------------------------\nHTML 13 4685 804 1171 2710 0\n(ULOC) 1077\n-------------------------------------------------------------------------------\nJavaScript 4 6985 572 414 5999 373\n(ULOC) 3878\n-------------------------------------------------------------------------------\nCSS 2 23042 1147 7 21888 0\n(ULOC) 8109\n-------------------------------------------------------------------------------\nMarkdown 2 44 17 0 27 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nYAML 1 1 0 0 1 0\n(ULOC) 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2221 63192 5432 5814 51946 678\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 27882\nDRYness % 0.44\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,709,720\nEstimated Schedule Effort (organic) 16.86 months\nEstimated People Required (organic) 9.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 3411138 bytes, 3.411 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "JavaScript": 738341, - "SCSS": 655033, - "CSS": 458253, - "HTML": 254823 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/26 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "SVG", + "Bytes": 857885, + "CodeBytes": 0, + "Lines": 1904, + "Code": 1904, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1870, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 655033, + "CodeBytes": 0, + "Lines": 26531, + "Code": 19417, + "Comment": 4222, + "Blank": 2892, + "Complexity": 305, + "Count": 329, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 254823, + "CodeBytes": 0, + "Lines": 4685, + "Code": 2710, + "Comment": 1171, + "Blank": 804, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 827361, + "CodeBytes": 0, + "Lines": 6985, + "Code": 5999, + "Comment": 414, + "Blank": 572, + "Complexity": 373, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 814499, + "CodeBytes": 0, + "Lines": 23042, + "Code": 21888, + "Comment": 7, + "Blank": 1147, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1511, + "CodeBytes": 0, + "Lines": 44, + "Code": 27, + "Comment": 0, + "Blank": 17, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 26, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1559162.7497549846, + "estimatedScheduleMonths_low": 16.86264017524975, + "estimatedPeople_low": 9.00773052934784, + "estimatedCost_high": 4859032.099949542, + "estimatedScheduleMonths_high": 16.86264017524975, + "estimatedPeople_high": 9.00773052934784, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSVG 1870 1904 0 0 1904 0\n(ULOC) 1549\n-------------------------------------------------------------------------------\nSass 329 26531 2892 4222 19417 305\n(ULOC) 13314\n-------------------------------------------------------------------------------\nHTML 13 4685 804 1171 2710 0\n(ULOC) 1077\n-------------------------------------------------------------------------------\nJavaScript 4 6985 572 414 5999 373\n(ULOC) 3878\n-------------------------------------------------------------------------------\nCSS 2 23042 1147 7 21888 0\n(ULOC) 8109\n-------------------------------------------------------------------------------\nMarkdown 2 44 17 0 27 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nYAML 1 1 0 0 1 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 2221 63192 5432 5814 51946 678\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 27882\nDRYness % 0.44\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,709,720\nEstimated Schedule Effort (organic) 16.86 months\nEstimated People Required (organic) 9.01\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3411138 bytes, 3.411 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "JavaScript": 738341, + "SCSS": 655033, + "CSS": 458253, + "HTML": 254823 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/redhat-enterprise-linux-8-stig-baseline/redhat-enterprise-linux-8-stig-baseline_data.json b/app/site/_data/CMSgov/redhat-enterprise-linux-8-stig-baseline/redhat-enterprise-linux-8-stig-baseline_data.json index 868341fa5e..8b254f1653 100644 --- a/app/site/_data/CMSgov/redhat-enterprise-linux-8-stig-baseline/redhat-enterprise-linux-8-stig-baseline_data.json +++ b/app/site/_data/CMSgov/redhat-enterprise-linux-8-stig-baseline/redhat-enterprise-linux-8-stig-baseline_data.json @@ -1,373 +1,373 @@ { - "url": "https://github.com/CMSgov/redhat-enterprise-linux-8-stig-baseline", - "owner": "CMSgov", - "name": "redhat-enterprise-linux-8-stig-baseline", - "description": null, - "commits_count": 66, - "issues_count": 6, - "open_issues_count": 5, - "closed_issues_count": 1, - "pull_requests_count": 17, - "open_pull_requests_count": 5, - "merged_pull_requests_count": 5, - "closed_pull_requests_count": 7, - "forks_count": 11, - "stargazers_count": 8, - "watchers_count": 16, - "total_project_lines": 38222, - "average_project_lines": 93, - "total_project_comment_lines": 684, - "average_project_comment_lines": 2, - "total_project_blank_lines": 6760, - "average_blank_lines": 17, - "commits_by_month": { - "2023/5": 3, - "2022/10": 16, - "2022/9": 11 + "url": "https://github.com/CMSgov/redhat-enterprise-linux-8-stig-baseline", + "owner": "CMSgov", + "name": "redhat-enterprise-linux-8-stig-baseline", + "description": null, + "commits_count": 66, + "issues_count": 6, + "open_issues_count": 5, + "closed_issues_count": 1, + "pull_requests_count": 17, + "open_pull_requests_count": 5, + "merged_pull_requests_count": 5, + "closed_pull_requests_count": 7, + "forks_count": 11, + "stargazers_count": 8, + "watchers_count": 16, + "total_project_lines": 38222, + "average_project_lines": 93, + "total_project_comment_lines": 684, + "average_project_comment_lines": 2, + "total_project_blank_lines": 6760, + "average_blank_lines": 17, + "commits_by_month": { + "2023/5": 3, + "2022/10": 16, + "2022/9": 11 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "created_at": "2022-03-08T17:54:28Z", + "ossf_scorecard": { + "date": "2025-02-23T16:37:28Z", + "repo": { + "name": "github.com/CMSgov/redhat-enterprise-linux-8-stig-baseline", + "commit": "3a16e0f3e62e03a1fce5e38f489d67732d5011db" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "created_at": "2022-03-08T17:54:28Z", - "ossf_scorecard": { - "date": "2025-02-23T16:37:28Z", - "repo": { - "name": "github.com/CMSgov/redhat-enterprise-linux-8-stig-baseline", - "commit": "3a16e0f3e62e03a1fce5e38f489d67732d5011db" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 6, - "reason": "Found 2/3 approved changesets -- score normalized to 6", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "16 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "Ruby", - "Bytes": 1002699, - "CodeBytes": 0, - "Lines": 27075, - "Code": 23018, - "Comment": 211, - "Blank": 3846, - "Complexity": 1516, - "Count": 383, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 121583, - "CodeBytes": 0, - "Lines": 2957, - "Code": 2408, - "Comment": 473, - "Blank": 76, - "Complexity": 0, - "Count": 19, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 51453118, - "CodeBytes": 0, - "Lines": 13, - "Code": 13, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 72818, - "CodeBytes": 0, - "Lines": 868, - "Code": 789, - "Comment": 0, - "Blank": 79, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 248, - "CodeBytes": 0, - "Lines": 14, - "Code": 13, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 3382, - "CodeBytes": 0, - "Lines": 86, - "Code": 77, - "Comment": 0, - "Blank": 9, - "Complexity": 15, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 1273647, - "CodeBytes": 0, - "Lines": 7220, - "Code": 4471, - "Comment": 0, - "Blank": 2749, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 900309.6538528526, - "estimatedScheduleMonths_low": 13.686605404716962, - "estimatedPeople_low": 6.408341816576975, - "estimatedCost_high": 2805758.0959094395, - "estimatedScheduleMonths_high": 13.686605404716962, - "estimatedPeople_high": 6.408341816576975, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nRuby 383 27075 3846 211 23018 1516\n(ULOC) 9670\n-------------------------------------------------------------------------------\nYAML 19 2957 76 473 2408 0\n(ULOC) 1803\n-------------------------------------------------------------------------------\nJSON 13 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nMarkdown 2 868 79 0 789 0\n(ULOC) 588\n-------------------------------------------------------------------------------\nGemfile 1 14 1 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nLicense 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nPython 1 86 9 0 77 15\n(ULOC) 76\n-------------------------------------------------------------------------------\nXML 1 7220 2749 0 4471 0\n(ULOC) 2870\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 421 38234 6760 684 30790 1531\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 15016\nDRYness % 0.39\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $987,246\nEstimated Schedule Effort (organic) 13.69 months\nEstimated People Required (organic) 6.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 53927506 bytes, 53.928 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "Ruby": 1002947, - "Python": 3382 - }, - "average_issue_resolution_time": [ - [ - "redhat-enterprise-linux-8-stig-baseline", - "1 day 03:03:01" - ] + "score": 2.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 6, + "reason": "Found 2/3 approved changesets -- score normalized to 6", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "16 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Ruby", + "Bytes": 1002699, + "CodeBytes": 0, + "Lines": 27075, + "Code": 23018, + "Comment": 211, + "Blank": 3846, + "Complexity": 1516, + "Count": 383, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 121583, + "CodeBytes": 0, + "Lines": 2957, + "Code": 2408, + "Comment": 473, + "Blank": 76, + "Complexity": 0, + "Count": 19, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 51453118, + "CodeBytes": 0, + "Lines": 13, + "Code": 13, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 72818, + "CodeBytes": 0, + "Lines": 868, + "Code": 789, + "Comment": 0, + "Blank": 79, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 248, + "CodeBytes": 0, + "Lines": 14, + "Code": 13, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 3382, + "CodeBytes": 0, + "Lines": 86, + "Code": 77, + "Comment": 0, + "Blank": 9, + "Complexity": 15, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 1273647, + "CodeBytes": 0, + "Lines": 7220, + "Code": 4471, + "Comment": 0, + "Blank": 2749, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "estimatedCost_low": 900309.6538528526, + "estimatedScheduleMonths_low": 13.686605404716962, + "estimatedPeople_low": 6.408341816576975, + "estimatedCost_high": 2805758.0959094395, + "estimatedScheduleMonths_high": 13.686605404716962, + "estimatedPeople_high": 6.408341816576975, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 383 27075 3846 211 23018 1516\n(ULOC) 9670\n-------------------------------------------------------------------------------\nYAML 19 2957 76 473 2408 0\n(ULOC) 1803\n-------------------------------------------------------------------------------\nJSON 13 13 0 0 13 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nMarkdown 2 868 79 0 789 0\n(ULOC) 588\n-------------------------------------------------------------------------------\nGemfile 1 14 1 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nLicense 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nPython 1 86 9 0 77 15\n(ULOC) 76\n-------------------------------------------------------------------------------\nXML 1 7220 2749 0 4471 0\n(ULOC) 2870\n───────────────────────────────────────────────────────────────────────────────\nTotal 421 38234 6760 684 30790 1531\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 15016\nDRYness % 0.39\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $987,246\nEstimated Schedule Effort (organic) 13.69 months\nEstimated People Required (organic) 6.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 53927506 bytes, 53.928 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "Ruby": 1002947, + "Python": 3382 + }, + "average_issue_resolution_time": [ + [ + "redhat-enterprise-linux-8-stig-baseline", + "1 day 03:03:01" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/snyk_web/snyk_web_data.json b/app/site/_data/CMSgov/snyk_web/snyk_web_data.json index 0795f41a54..cddf6f16fe 100644 --- a/app/site/_data/CMSgov/snyk_web/snyk_web_data.json +++ b/app/site/_data/CMSgov/snyk_web/snyk_web_data.json @@ -1,340 +1,340 @@ { - "url": "https://github.com/CMSgov/snyk_web", - "owner": "CMSgov", - "name": "snyk_web", - "description": "To store the content for the Snyk Web for OIT", - "commits_count": 38, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 10, - "total_project_lines": 65478, - "average_project_lines": 26, - "total_project_comment_lines": 5893, - "average_project_comment_lines": 2, - "total_project_blank_lines": 5386, - "average_blank_lines": 2, - "commits_by_month": { - "2023/8": 14, - "2022/9": 2, - "2021/11": 14 + "url": "https://github.com/CMSgov/snyk_web", + "owner": "CMSgov", + "name": "snyk_web", + "description": "To store the content for the Snyk Web for OIT", + "commits_count": 38, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 10, + "total_project_lines": 65478, + "average_project_lines": 26, + "total_project_comment_lines": 5893, + "average_project_comment_lines": 2, + "total_project_blank_lines": 5386, + "average_blank_lines": 2, + "commits_by_month": { + "2023/8": 14, + "2022/9": 2, + "2021/11": 14 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2021-10-27T19:39:02Z", + "ossf_scorecard": { + "date": "2025-02-23T16:42:46Z", + "repo": { + "name": "github.com/CMSgov/snyk_web", + "commit": "8e3e7f351e0082134a6e6ec624171fb7a542d95b" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2021-10-27T19:39:02Z", - "ossf_scorecard": { - "date": "2025-02-23T16:42:46Z", - "repo": { - "name": "github.com/CMSgov/snyk_web", - "commit": "8e3e7f351e0082134a6e6ec624171fb7a542d95b" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/29 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "SVG", - "Bytes": 949059, - "CodeBytes": 0, - "Lines": 2151, - "Code": 2151, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2117, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 782046, - "CodeBytes": 0, - "Lines": 30989, - "Code": 22077, - "Comment": 5446, - "Blank": 3466, - "Complexity": 657, - "Count": 434, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 791050, - "CodeBytes": 0, - "Lines": 6612, - "Code": 5597, - "Comment": 440, - "Blank": 575, - "Complexity": 368, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 917560, - "CodeBytes": 0, - "Lines": 25392, - "Code": 24054, - "Comment": 7, - "Blank": 1331, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 14575, - "CodeBytes": 0, - "Lines": 331, - "Code": 318, - "Comment": 0, - "Blank": 13, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 291, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1630243.8518085172, - "estimatedScheduleMonths_low": 17.1507374527343, - "estimatedPeople_low": 9.260176838467164, - "estimatedCost_high": 5080551.858956214, - "estimatedScheduleMonths_high": 17.1507374527343, - "estimatedPeople_high": 9.260176838467164, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nSVG 2117 2151 0 0 2151 0\n(ULOC) 1550\n-------------------------------------------------------------------------------\nSass 434 30989 3466 5446 22077 657\n(ULOC) 15631\n-------------------------------------------------------------------------------\nJavaScript 4 6612 575 440 5597 368\n(ULOC) 3665\n-------------------------------------------------------------------------------\nCSS 3 25392 1331 7 24054 0\n(ULOC) 8975\n-------------------------------------------------------------------------------\nHTML 1 331 13 0 318 0\n(ULOC) 227\n-------------------------------------------------------------------------------\nMarkdown 1 3 1 0 2 0\n(ULOC) 2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2560 65478 5386 5893 54199 1025\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 29979\nDRYness % 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,787,665\nEstimated Schedule Effort (organic) 17.15 months\nEstimated People Required (organic) 9.26\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 3454581 bytes, 3.455 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "SCSS": 782046, - "JavaScript": 709138, - "CSS": 516277, - "HTML": 14575 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/29 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "SVG", + "Bytes": 949059, + "CodeBytes": 0, + "Lines": 2151, + "Code": 2151, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2117, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 782046, + "CodeBytes": 0, + "Lines": 30989, + "Code": 22077, + "Comment": 5446, + "Blank": 3466, + "Complexity": 657, + "Count": 434, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 791050, + "CodeBytes": 0, + "Lines": 6612, + "Code": 5597, + "Comment": 440, + "Blank": 575, + "Complexity": 368, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 917560, + "CodeBytes": 0, + "Lines": 25392, + "Code": 24054, + "Comment": 7, + "Blank": 1331, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 14575, + "CodeBytes": 0, + "Lines": 331, + "Code": 318, + "Comment": 0, + "Blank": 13, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 291, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1630243.8518085172, + "estimatedScheduleMonths_low": 17.1507374527343, + "estimatedPeople_low": 9.260176838467164, + "estimatedCost_high": 5080551.858956214, + "estimatedScheduleMonths_high": 17.1507374527343, + "estimatedPeople_high": 9.260176838467164, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSVG 2117 2151 0 0 2151 0\n(ULOC) 1550\n-------------------------------------------------------------------------------\nSass 434 30989 3466 5446 22077 657\n(ULOC) 15631\n-------------------------------------------------------------------------------\nJavaScript 4 6612 575 440 5597 368\n(ULOC) 3665\n-------------------------------------------------------------------------------\nCSS 3 25392 1331 7 24054 0\n(ULOC) 8975\n-------------------------------------------------------------------------------\nHTML 1 331 13 0 318 0\n(ULOC) 227\n-------------------------------------------------------------------------------\nMarkdown 1 3 1 0 2 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 2560 65478 5386 5893 54199 1025\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 29979\nDRYness % 0.46\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,787,665\nEstimated Schedule Effort (organic) 17.15 months\nEstimated People Required (organic) 9.26\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3454581 bytes, 3.455 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "SCSS": 782046, + "JavaScript": 709138, + "CSS": 516277, + "HTML": 14575 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/vsam-migration-scenarios/vsam-migration-scenarios_data.json b/app/site/_data/CMSgov/vsam-migration-scenarios/vsam-migration-scenarios_data.json index a9de9e3075..497d6345bd 100644 --- a/app/site/_data/CMSgov/vsam-migration-scenarios/vsam-migration-scenarios_data.json +++ b/app/site/_data/CMSgov/vsam-migration-scenarios/vsam-migration-scenarios_data.json @@ -1,275 +1,275 @@ { - "url": "https://github.com/CMSgov/vsam-migration-scenarios", - "owner": "CMSgov", - "name": "vsam-migration-scenarios", - "description": "VSAM Migration Scenarios", - "commits_count": 4, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 9, - "total_project_lines": 3175, - "average_project_lines": 454, - "total_project_comment_lines": 155, - "average_project_comment_lines": 22, - "total_project_blank_lines": 48, - "average_blank_lines": 7, - "commits_by_month": { - "2020/1": 4 + "url": "https://github.com/CMSgov/vsam-migration-scenarios", + "owner": "CMSgov", + "name": "vsam-migration-scenarios", + "description": "VSAM Migration Scenarios", + "commits_count": 4, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 9, + "total_project_lines": 3175, + "average_project_lines": 454, + "total_project_comment_lines": 155, + "average_project_comment_lines": 22, + "total_project_blank_lines": 48, + "average_blank_lines": 7, + "commits_by_month": { + "2020/1": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "created_at": "2020-01-17T17:56:37Z", + "ossf_scorecard": { + "date": "2025-02-23T16:45:26Z", + "repo": { + "name": "github.com/CMSgov/vsam-migration-scenarios", + "commit": "5c03e055e7d5855bcefa53f4df4490d3916e37c3" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "created_at": "2020-01-17T17:56:37Z", - "ossf_scorecard": { - "date": "2025-02-23T16:45:26Z", - "repo": { - "name": "github.com/CMSgov/vsam-migration-scenarios", - "commit": "5c03e055e7d5855bcefa53f4df4490d3916e37c3" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/4 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "COBOL", - "Bytes": 209280, - "CodeBytes": 0, - "Lines": 3130, - "Code": 2949, - "Comment": 155, - "Blank": 26, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 2633, - "CodeBytes": 0, - "Lines": 45, - "Code": 23, - "Comment": 0, - "Blank": 22, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 77314.86092771737, - "estimatedScheduleMonths_low": 5.3847649879806365, - "estimatedPeople_low": 1.3987681450162954, - "estimatedCost_high": 240946.87428233452, - "estimatedScheduleMonths_high": 5.3847649879806365, - "estimatedPeople_high": 1.3987681450162954, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCOBOL 6 3130 26 155 2949 0\n(ULOC) 2985\n-------------------------------------------------------------------------------\nMarkdown 1 45 22 0 23 0\n(ULOC) 24\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 7 3175 48 155 2972 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3009\nDRYness % 0.95\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $84,780\nEstimated Schedule Effort (organic) 5.38 months\nEstimated People Required (organic) 1.40\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 211913 bytes, 0.212 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "COBOL": 209280 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/4 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "COBOL", + "Bytes": 209280, + "CodeBytes": 0, + "Lines": 3130, + "Code": 2949, + "Comment": 155, + "Blank": 26, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 2633, + "CodeBytes": 0, + "Lines": 45, + "Code": 23, + "Comment": 0, + "Blank": 22, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 77314.86092771737, + "estimatedScheduleMonths_low": 5.3847649879806365, + "estimatedPeople_low": 1.3987681450162954, + "estimatedCost_high": 240946.87428233452, + "estimatedScheduleMonths_high": 5.3847649879806365, + "estimatedPeople_high": 1.3987681450162954, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nCOBOL 6 3130 26 155 2949 0\n(ULOC) 2985\n-------------------------------------------------------------------------------\nMarkdown 1 45 22 0 23 0\n(ULOC) 24\n───────────────────────────────────────────────────────────────────────────────\nTotal 7 3175 48 155 2972 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3009\nDRYness % 0.95\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $84,780\nEstimated Schedule Effort (organic) 5.38 months\nEstimated People Required (organic) 1.40\n───────────────────────────────────────────────────────────────────────────────\nProcessed 211913 bytes, 0.212 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "COBOL": 209280 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMSgov/web-design-standards/web-design-standards_data.json b/app/site/_data/CMSgov/web-design-standards/web-design-standards_data.json index 1ef0ffa0ca..dbb8b7fa3f 100644 --- a/app/site/_data/CMSgov/web-design-standards/web-design-standards_data.json +++ b/app/site/_data/CMSgov/web-design-standards/web-design-standards_data.json @@ -1,533 +1,533 @@ { - "url": "https://github.com/CMSgov/web-design-standards", - "owner": "CMSgov", - "name": "web-design-standards", - "description": "Open source UI components and visual style guide for U.S. government websites.", - "commits_count": 4064, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 3, - "stargazers_count": 5, - "watchers_count": 5, - "total_project_lines": 9274, - "average_project_lines": 61, - "total_project_comment_lines": 495, - "average_project_comment_lines": 3, - "total_project_blank_lines": 1407, - "average_blank_lines": 9, - "commits_by_month": { - "2017/2": 30 + "url": "https://github.com/CMSgov/web-design-standards", + "owner": "CMSgov", + "name": "web-design-standards", + "description": "Open source UI components and visual style guide for U.S. government websites.", + "commits_count": 4064, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 3, + "stargazers_count": 5, + "watchers_count": 5, + "total_project_lines": 9274, + "average_project_lines": 61, + "total_project_comment_lines": 495, + "average_project_comment_lines": 3, + "total_project_blank_lines": 1407, + "average_blank_lines": 9, + "commits_by_month": { + "2017/2": 30 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", + "nadia_color": "ff69b4", + "nadia_badge_name": "club", + "created_at": "2017-02-25T19:54:49Z", + "ossf_scorecard": { + "date": "2025-02-23T16:39:54Z", + "repo": { + "name": "github.com/CMSgov/web-design-standards", + "commit": "06d34219096071d859ed78fe3d0ea0812e9dc67e" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=club&color=ff69b4", - "nadia_color": "ff69b4", - "nadia_badge_name": "club", - "created_at": "2017-02-25T19:54:49Z", - "ossf_scorecard": { - "date": "2025-02-23T16:39:54Z", - "repo": { - "name": "github.com/CMSgov/web-design-standards", - "commit": "06d34219096071d859ed78fe3d0ea0812e9dc67e" - }, - "scorecard": { - "version": "v5.1.1-5-g3b42b6e7", - "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" - }, - "score": 2.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 34 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.1.1-5-g3b42b6e7", + "commit": "3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a" }, - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 78976, - "CodeBytes": 0, - "Lines": 2615, - "Code": 1792, - "Comment": 356, - "Blank": 467, - "Complexity": 188, - "Count": 49, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 29472, - "CodeBytes": 0, - "Lines": 90, - "Code": 87, - "Comment": 3, - "Blank": 0, - "Complexity": 0, - "Count": 31, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 65479, - "CodeBytes": 0, - "Lines": 3465, - "Code": 2763, - "Comment": 116, - "Blank": 586, - "Complexity": 2, - "Count": 31, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 90431, - "CodeBytes": 0, - "Lines": 2215, - "Code": 2070, - "Comment": 16, - "Blank": 129, - "Complexity": 0, - "Count": 29, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 38061, - "CodeBytes": 0, - "Lines": 728, - "Code": 514, - "Comment": 0, - "Blank": 214, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1605, - "CodeBytes": 0, - "Lines": 85, - "Code": 70, - "Comment": 4, - "Blank": 11, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 2383, - "CodeBytes": 0, - "Lines": 76, - "Code": 76, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 200690.27430326646, - "estimatedScheduleMonths_low": 7.737253494458854, - "estimatedPeople_low": 2.5269055470385333, - "estimatedCost_high": 625438.5471564739, - "estimatedScheduleMonths_high": 7.737253494458854, - "estimatedPeople_high": 2.5269055470385333, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 49 2615 467 356 1792 188\n(ULOC) 1498\n-------------------------------------------------------------------------------\nSVG 31 90 0 3 87 0\n(ULOC) 71\n-------------------------------------------------------------------------------\nSass 31 3465 586 116 2763 2\n(ULOC) 1485\n-------------------------------------------------------------------------------\nHTML 29 2215 129 16 2070 0\n(ULOC) 757\n-------------------------------------------------------------------------------\nMarkdown 7 728 214 0 514 0\n(ULOC) 477\n-------------------------------------------------------------------------------\nYAML 5 85 11 4 70 0\n(ULOC) 70\n-------------------------------------------------------------------------------\nJSON 1 76 0 0 76 0\n(ULOC) 73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 153 9274 1407 495 7372 190\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 4416\nDRYness % 0.48\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $220,069\nEstimated Schedule Effort (organic) 7.74 months\nEstimated People Required (organic) 2.53\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 306407 bytes, 0.306 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "predominant_langs": { - "HTML": 90431, - "CSS": 65479, - "JavaScript": 50396 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@18f/stylelint-rules", - 0.0410958904, - "2025-03-01T19:05:38.000" - ], - [ - "bourbon", - 5.8164383562, - "2025-03-01T19:05:38.000" - ], - [ - "bourbon-neat", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "browserify", - 7.7506849315, - "2025-03-01T19:05:38.000" - ], - [ - "classlist-polyfill", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "cross-spawn", - 8.602739726, - "2025-03-01T19:05:38.000" - ], - [ - "del", - 8.1561643836, - "2025-03-01T19:05:38.000" - ], - [ - "gulp", - 8.1397260274, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-autoprefixer", - 7.2246575342, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-clean", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-cssnano", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-eslint", - 3.5945205479, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-filter", - 8.2383561644, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-mocha", - 8.4356164384, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-rename", - 1.3643835616, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-replace", - 5.4931506849, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-sass", - 8.4547945205, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-sourcemaps", - 3.9726027397, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-stylelint", - 3.7506849315, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-uglify", - 2.6876712329, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-util", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "gulp-zip", - 8.898630137, - "2025-03-01T19:05:38.000" - ], - [ - "istanbul", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "jquery", - 7.2739726027, - "2025-03-01T19:05:38.000" - ], - [ - "jsdom", - 7.8328767123, - "2025-03-01T19:05:38.000" - ], - [ - "jsdom-global", - 0.3698630137, - "2025-03-01T19:05:38.000" - ], - [ - "lodash.debounce", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "mocha", - 8.6109589041, - "2025-03-01T19:05:38.000" - ], - [ - "node-notifier", - 5.4520547945, - "2025-03-01T19:05:38.000" - ], - [ - "node-sass", - 6.701369863, - "2025-03-01T19:05:38.000" - ], - [ - "normalize.css", - 3.6136986301, - "2025-03-01T19:05:38.000" - ], - [ - "run-sequence", - 1.5150684932, - "2025-03-01T19:05:38.000" - ], - [ - "should", - 2.1917808219, - "2025-03-01T19:05:38.000" - ], - [ - "vinyl-buffer", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "vinyl-source-stream", - 0.0, - "2025-03-01T19:05:38.000" - ], - [ - "watch", - 0.3698630137, - "2025-03-01T19:05:38.000" - ] + "score": 2.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 34 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/3b42b6e7d8c66543d10c7f5ac5d3ecc0d1e56e5a/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 78976, + "CodeBytes": 0, + "Lines": 2615, + "Code": 1792, + "Comment": 356, + "Blank": 467, + "Complexity": 188, + "Count": 49, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 29472, + "CodeBytes": 0, + "Lines": 90, + "Code": 87, + "Comment": 3, + "Blank": 0, + "Complexity": 0, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 65479, + "CodeBytes": 0, + "Lines": 3465, + "Code": 2763, + "Comment": 116, + "Blank": 586, + "Complexity": 2, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 90431, + "CodeBytes": 0, + "Lines": 2215, + "Code": 2070, + "Comment": 16, + "Blank": 129, + "Complexity": 0, + "Count": 29, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 38061, + "CodeBytes": 0, + "Lines": 728, + "Code": 514, + "Comment": 0, + "Blank": 214, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1605, + "CodeBytes": 0, + "Lines": 85, + "Code": 70, + "Comment": 4, + "Blank": 11, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 2383, + "CodeBytes": 0, + "Lines": 76, + "Code": 76, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 200690.27430326646, + "estimatedScheduleMonths_low": 7.737253494458854, + "estimatedPeople_low": 2.5269055470385333, + "estimatedCost_high": 625438.5471564739, + "estimatedScheduleMonths_high": 7.737253494458854, + "estimatedPeople_high": 2.5269055470385333, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 49 2615 467 356 1792 188\n(ULOC) 1498\n-------------------------------------------------------------------------------\nSVG 31 90 0 3 87 0\n(ULOC) 71\n-------------------------------------------------------------------------------\nSass 31 3465 586 116 2763 2\n(ULOC) 1485\n-------------------------------------------------------------------------------\nHTML 29 2215 129 16 2070 0\n(ULOC) 757\n-------------------------------------------------------------------------------\nMarkdown 7 728 214 0 514 0\n(ULOC) 477\n-------------------------------------------------------------------------------\nYAML 5 85 11 4 70 0\n(ULOC) 70\n-------------------------------------------------------------------------------\nJSON 1 76 0 0 76 0\n(ULOC) 73\n───────────────────────────────────────────────────────────────────────────────\nTotal 153 9274 1407 495 7372 190\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 4416\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $220,069\nEstimated Schedule Effort (organic) 7.74 months\nEstimated People Required (organic) 2.53\n───────────────────────────────────────────────────────────────────────────────\nProcessed 306407 bytes, 0.306 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "predominant_langs": { + "HTML": 90431, + "CSS": 65479, + "JavaScript": 50396 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@18f/stylelint-rules", + 0.0410958904, + "2025-03-01T19:05:38.000" + ], + [ + "bourbon", + 5.8164383562, + "2025-03-01T19:05:38.000" + ], + [ + "bourbon-neat", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "browserify", + 7.7506849315, + "2025-03-01T19:05:38.000" + ], + [ + "classlist-polyfill", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "cross-spawn", + 8.602739726, + "2025-03-01T19:05:38.000" + ], + [ + "del", + 8.1561643836, + "2025-03-01T19:05:38.000" + ], + [ + "gulp", + 8.1397260274, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-autoprefixer", + 7.2246575342, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-clean", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-cssnano", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-eslint", + 3.5945205479, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-filter", + 8.2383561644, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-mocha", + 8.4356164384, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-rename", + 1.3643835616, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-replace", + 5.4931506849, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-sass", + 8.4547945205, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-sourcemaps", + 3.9726027397, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-stylelint", + 3.7506849315, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-uglify", + 2.6876712329, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-util", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "gulp-zip", + 8.898630137, + "2025-03-01T19:05:38.000" + ], + [ + "istanbul", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "jquery", + 7.2739726027, + "2025-03-01T19:05:38.000" + ], + [ + "jsdom", + 7.8328767123, + "2025-03-01T19:05:38.000" + ], + [ + "jsdom-global", + 0.3698630137, + "2025-03-01T19:05:38.000" + ], + [ + "lodash.debounce", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "mocha", + 8.6109589041, + "2025-03-01T19:05:38.000" + ], + [ + "node-notifier", + 5.4520547945, + "2025-03-01T19:05:38.000" + ], + [ + "node-sass", + 6.701369863, + "2025-03-01T19:05:38.000" + ], + [ + "normalize.css", + 3.6136986301, + "2025-03-01T19:05:38.000" + ], + [ + "run-sequence", + 1.5150684932, + "2025-03-01T19:05:38.000" + ], + [ + "should", + 2.1917808219, + "2025-03-01T19:05:38.000" + ], + [ + "vinyl-buffer", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "vinyl-source-stream", + 0.0, + "2025-03-01T19:05:38.000" + ], + [ + "watch", + 0.3698630137, + "2025-03-01T19:05:38.000" ] -} \ No newline at end of file + ] +}