Skip to content

@ossf Open Source Security Foundation (OpenSSF)

Change the repository type filter

All

    Repositories list

    65 repositories

    • malicious-packages

      Public
      A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
      Go
      Apache License 2.0
      232471111Updated Nov 9, 2024Nov 9, 2024

    • allstar

      Public
      GitHub App to set and enforce security policies
      Go
      Apache License 2.0
      1221.3k640Updated Nov 9, 2024Nov 9, 2024

    • scorecard

      Public
      OpenSSF Scorecard - Security health metrics for Open Source
      scorecardopenssf-scorecard
      Go
      Apache License 2.0
      4974.6k3419Updated Nov 8, 2024Nov 8, 2024

    • scorecard-webapp

      Public
      Website and API for OpenSSF Scorecard
      openssf-scorecard
      HTML
      Apache License 2.0
      28223110Updated Nov 8, 2024Nov 8, 2024

    • scorecard-action

      Public
      Official GitHub Action for OpenSSF Scorecard.
      githubsecuritysupply-chaingithub-actionsopenssf-scorecard
      Go
      Apache License 2.0
      70264253Updated Nov 8, 2024Nov 8, 2024

    • tac

      Public
      Technical Advisory Council
      Other
      59109193Updated Nov 8, 2024Nov 8, 2024

    • wg-best-practices-os-developers

      Public
      The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
      JavaScript
      Apache License 2.0
      1307605110Updated Nov 8, 2024Nov 8, 2024

    • criticality_score

      Public
      Gives criticality score for an open source project
      Go
      Apache License 2.0
      1191.3k4135Updated Nov 8, 2024Nov 8, 2024

    • package-feeds

      Public
      Feed parsing for language package manager updates
      Go
      Apache License 2.0
      24712112Updated Nov 7, 2024Nov 7, 2024

    • scorecard-visualizer

      Public
      Tool for visualizing the Open SSF Scorecard Api data in a human friendly way
      openssfopenssf-scorecard
      TypeScript
      Apache License 2.0
      312119Updated Nov 6, 2024Nov 6, 2024

    • osv-schema

      Public
      Open Source Vulnerability schema.
      Python
      Apache License 2.0
      801852510Updated Nov 6, 2024Nov 6, 2024

    • security-baseline

      Public
      Go
      Apache License 2.0
      632217Updated Nov 5, 2024Nov 5, 2024

    • artwork

      Public
      OpenSSF Artwork
      Apache License 2.0
      8701Updated Nov 5, 2024Nov 5, 2024

    • fuzz-introspector

      Public
      Fuzz Introspector -- introspect, extend and optimise fuzzers
      testingsecurityfuzz-testingvulnerability-analysissecurity-researchfuzzing
      Python
      Apache License 2.0
      54377953Updated Nov 5, 2024Nov 5, 2024

    • alpha-omega

      Public
      Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
      securityopensourceopen-source-security
      Open Policy Agent
      Apache License 2.0
      5084513Updated Nov 4, 2024Nov 4, 2024

    • ossf-landscape

      Public
      Apache License 2.0
      272610Updated Nov 4, 2024Nov 4, 2024

    • package-analysis

      Public
      Open Source Package Analysis
      Go
      Apache License 2.0
      517305710Updated Nov 1, 2024Nov 1, 2024

    • Memory-Safety

      Public
      Apache License 2.0
      121960Updated Oct 31, 2024Oct 31, 2024

    • wg-securing-software-repos

      Public
      OpenSSF Working Group on Securing Software Repositories
      Other
      199164Updated Oct 28, 2024Oct 28, 2024

    • wg-dei

      Public
      The Diversity, Equity, and Inclusion Working Group mission is to increase representation and strengthen the overall effectiveness of the cybersecurity workforce.
      Apache License 2.0
      1450Updated Oct 25, 2024Oct 25, 2024

    • ai-ml-security

      Public
      Potential WG on Artificial Intelligence and Machine Learning (AI/ML)
      Apache License 2.0
      95330Updated Oct 23, 2024Oct 23, 2024

    • secure-sw-dev-fundamentals

      Public
      Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
      CSS
      Creative Commons Attribution 4.0 International
      46180335Updated Oct 18, 2024Oct 18, 2024

    • wg-securing-critical-projects

      Public
      Helping allocate resources to secure the critical open source projects we all depend on.
      Apache License 2.0
      40331220Updated Oct 10, 2024Oct 10, 2024

    • sbom-everywhere

      Public
      Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
      Vue
      Apache License 2.0
      2570250Updated Sep 24, 2024Sep 24, 2024

    • security-insights-spec

      Public
      OPENSSF SECURITY INSIGHTS: Repository for development of the draft standard, where requests for modification should be made via Github Issues.
      Other
      1049144Updated Sep 5, 2024Sep 5, 2024

    • s2c2f

      Public
      The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.
      Other
      2418551Updated Aug 27, 2024Aug 27, 2024

    • .github

      Public
      Github configuration
      2102Updated Aug 1, 2024Aug 1, 2024

    • staff

      Public
      Repository to keep track of staff operations
      Shell
      Apache License 2.0
      1030Updated Jul 31, 2024Jul 31, 2024

    • community

      Public
      Creative Commons Attribution 4.0 International
      5731Updated Jul 31, 2024Jul 31, 2024

    • wg-vulnerability-disclosures

      Public
      The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
      Apache License 2.0
      40179261Updated Jul 24, 2024Jul 24, 2024