Project-Security-Metrics
Collect, curate, and communicate relevant security metrics for open source projects.
Bumps [django](https://github.com/django/django) from 4.0.1 to 4.0.7. Commits e9e9729 [4.0.x] Bumped version for 4.0.7 release. b7d9529 [4.0.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header. 2eb7ded [4.0.x] Adjusted version 4.0.7 release...
The information dropdown on the home page just adds a `#` to the end of my URL. Not sure what was intended to go here.
It takes 10 seconds for the home page of `https://metrics.openssf.org/` to load for me
I don't believe the `Select Project` box adds anything. You can click on the `PackageURL` drop down and type to search through the purls listed.
The metrics top bar seems to be a little broken -- when opening the dashboard without a project, ([link](https://metrics.openssf.org/grafana/d/default/metric-dashboard?orgId=1)) I get: . When opening a project from the front-end website...
In the installation steps in the README.md it says to do a "docker-compose -f ... run" but instead it should be "docker-compose -f .... up". This allows to get the...
Another thing that doesn't work well -- LetsEncrypt doesn't automatically renew properly. To do it manually: 1. SSH into the box. ``` sudo su cd /opt/openssf/Project-Security-Metrics docker exec -it docker_certbot_1...
I'm migrating the existing metrics.openssf.org infrastructure over to a new VM in the OpenSSF Azure subscription. This means that it'll have a new IP address. We'll need the CNAME for...
For example in https://github.com/Tencent/rapidjson (that is, https://metrics.openssf.org/grafana/d/default/metric-dashboard?orgId=1&var-PackageURL=pkg%3Agithub/tencent/rapidjson ) The Scorecard section, Active, says whether the project got any commits in the last 90 days. It should be available, however the...
## Issue Resolve https://github.com/ossf/Project-Security-Metrics/issues/47 ## Changes - Add Error handling for package_url param. - Use application/json response in case of status 400 or 404. - Add auto test for `/api/1/get-project`...