-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Assessment against best practices (OpenSSF Scorecards ...) #859
Comments
Next steps: OSSF Scorecards
CII Best Practices
Other
|
Reference: nodejs/security-wg#859 Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Reference: nodejs/security-wg#859 Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Reference: nodejs/security-wg#859 Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made. |
Opened 5 PRs to increase the OpenSSF Scorecard |
This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made. |
Reference: nodejs/security-wg#859 Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made. |
As discussed in the last meeting #857. I'm creating this issue to, discuss and follow the evolution of this new Security-WG initiative for 2023.
The main idea is to assess how the Node.js project is positioned in regards to some security best practices. The final goal would be to collect metrics, allowing us to eventually improve security.
As a first actionable step we discussed exploring the OpenSSF Scorecards initiative. For context an issue about Scorecard has been opened here: #851 (There is some nice information on it). A presentation will be held in the next meeting (January 19th).
The text was updated successfully, but these errors were encountered: