wg-securing-critical-projects
wg-securing-critical-projects copied to clipboard
ossf
Helping allocate resources to secure the critical open source projects we all depend on.
This adds a new link to the old "Census I" paper, specifically to a GitHub repo controlled by the Linux Foundation. We don't know of a reason the old one...
There are multiple links in the main Readme which return a 404 error or similar problems, here is a list and suggestions for links to replace them. - The first...
We need an easy link to: https://docs.google.com/spreadsheets/d/1ONZ4qeMq8xmeCHX03lIgIYE4MEXVfVL6oj05lbuXTDM/edit#gid=1024997528
It's great that https://docs.google.com/spreadsheets/d/1ONZ4qeMq8xmeCHX03lIgIYE4MEXVfVL6oj05lbuXTDM/edit#gid=577559548 exists. It'd be helpful for cross-referencing if the purls of each of these were included in the list.
Hi, I have a question. In the [Critical Projects List](https://docs.google.com/spreadsheets/d/1ONZ4qeMq8xmeCHX03lIgIYE4MEXVfVL6oj05lbuXTDM/edit#gid=571311621) No.88, | Apache | https://github.com/apache | Survey Response | |---|---|---| What does this mean? Are all the projects under apache...
The @ossf/alpha-omega team has collected a list of the top 10k OSS projects which we are using as a target for security scanning, vulnerability reporting, and, in the future, as...
While `tzdata` and `ca-certificates` release mostly data instead of source code, they are arguably critical to trust. I suggest adding (and tracking) the "build" dependencies of both. For example, in...
Hello, I've opened this issue to document a more accurate estimate of FreeBSD's criticality score and to summarize some parts of FreeBSD that are consumed by other projects. ### FreeBSD's...
Hi, in the presentation (./presentations/The_state_of_the_Linux_kernel_security.pdf) slide 25 there's a link to subsystems that refuse to tag for stable, leading to https://groups.google.com/a/google.com/g/kernel-dynamic-tools/c/SZnwXich2tM/m/gTkaJXxxAQAJ , but there's nothing on that page, nor kernel-dynamic-tools...
@dlorenc, @rhaning We will be using the description listed in the .github/settings.yml for each project to create a summary list for the [OpenSSF website getting started page](https://openssf.org/join/) and an upcoming...
