domain | securityscorecards.dev |
summary | The content provided discusses various aspects related to software development and maintenance practices. The project being discussed is described as having a "High Maintained" status and incorporating tools for dependency updates like Dependabot or RenovateBot. It also contains a security policy, declares a license, has a CII Best Practices badge, runs tests in continuous integration, uses fuzzing tools, employs static code analysis tools, is free of checked-in binaries, utilizes branch protection, avoids dangerous coding patterns in GitHub Actions, requires code review before merging, involves contributions from multiple organizations, declares and pins dependencies, has read-only workflow tokens, builds and publishes official packages, cryptographically signs releases. |
title | OpenSSF Scorecard |
description | Quickly assess open source projects for risky practices |
keywords | project, security, scorecard, does, risk, code, source, action, have, high, checks, vulnerabilities, projects, practices, more, best, build |
upstreams |
|
downstreams |
|
nslookup | A 75.2.60.5 |
created | 2024-02-23 |
updated | 2024-10-22 |
|
|