awesome-nodejs-security

What about OpenSSF initiatives/tools?

Open fraxken opened this issue 1 year ago • 3 comments

I think it could be cool to add links to some open source initiatives like:

  • Scorecard
  • SLSA (and maybe also sigstore... but I'm working on a few things around that for Node, so I may add it later).

Also, not sure how to put OSV?

What do you think?

fraxken, Sep 23 '23 12:09

Yes, definitely, but can we find the specific Node.js angles to add those? With OSV it's easy, as we can add it with the npm registry specific link.

Perhaps we can do something similar for the above related to the Node.js project or other projects?

lirantal, Sep 23 '23 21:09

I guess for Scorecard the last article I added is quite good. And I'm working on SLSA/Sigstore on NodeSecure (I plan to write an article... I just have so many things to do, not sure when, haha).

fraxken, Sep 24 '23 19:09

Those sound good to me :-) You're welcome to add!

lirantal, Sep 25 '23 10:09