OpenSSF Scorecard data #18
Labels
Comments
andrew
added
enhancement
|
Possibly useful for this issue, at least for exploration purposes, is a not well advertised prototype OSSF API that pulls in scorecard and some of the other OSSF API results, plus a few additional things like average dependency age and libYears behind https://riskapi.ashydesert-4ee1f08e.westus3.azurecontainerapps.io/apidocs/ |
|
@JustinGOSSES thanks, I saw this a few weeks ago as well, keeping an eye on it to see what raw data is missing from ecosyste.ms that would be used to make this high level assesments. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'd like to get the data from https://securityscorecards.dev/ into an ecosyste.ms service so I can do queries across the data and also integrate it into the packages and repos services.
In future we may calculate the scores ourselves as OpenSSF only covers a small percentage of all the most important open source repositories.
The text was updated successfully, but these errors were encountered: