Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Advise about the quality / health of an Open Source project / dependency package #3317

Open
sschuberth opened this issue Nov 10, 2020 · 5 comments
Open

Advise about the quality / health of an Open Source project / dependency package #3317

sschuberth opened this issue Nov 10, 2020 · 5 comments
Labels
advisor About the advisor tool new feature Issues that are considered to be new features

Comments

@sschuberth
Copy link
Member

sschuberth commented Nov 10, 2020
edited
Loading

In addition to security vulnerabilities the advisor could also advise about the general quality of an Open Source project, e.g. using

by extending

ort/model/src/main/kotlin/AdvisorCapability.kt

Lines 31 to 37 in 19c89ff

enum class AdvisorCapability {
/** Indicates that an advisor can retrieve information about defects. */
DEFECTS,
/** Indicates that an advisor can retrieve information about security vulnerabilities. */
VULNERABILITIES
}
with HEALTH or so.
@sschuberth sschuberth added new feature Issues that are considered to be new features advisor About the advisor tool labels Nov 10, 2020
@sschuberth

This comment was marked as outdated.

Sign in to view
@sschuberth sschuberth mentioned this issue Mar 16, 2021
Merged
@sschuberth sschuberth changed the title Advise about the quality of an Open Source project Advise about the quality / health of an Open Source project / dependency package Jan 26, 2023
@sschuberth sschuberth mentioned this issue Jan 26, 2023
Closed
@dgutson
Copy link

dgutson commented Mar 6, 2023

I this should be splitted in the different tools. We are interested in Google Scorecard.

@sschuberth
Copy link
Member Author

I this should be splitted in the different tools. We are interested in Google Scorecard.

@dgutson, please indicate your interest by adding 👍🏻 to the top post, as that way we can rank the issues.

@sschuberth sschuberth mentioned this issue Jan 26, 2024
Merged
@sschuberth sschuberth pinned this issue Jun 18, 2024
@sschuberth sschuberth mentioned this issue Aug 30, 2024
Open
@sschuberth sschuberth mentioned this issue Nov 26, 2024
Closed
@MacOS
Copy link

MacOS commented Dec 11, 2024

I would also suggest the OpenSSF Scorecard, see https://github.com/ossf/scorecard.

@sschuberth
Copy link
Member Author

I would also suggest the OpenSSF Scorecard, see https://github.com/ossf/scorecard.

It's mentioned above as "Google's scorecard project".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
advisor About the advisor tool new feature Issues that are considered to be new features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sschuberth @MacOS @dgutson