Project to generate statistics about OpenSSF Compliance in the BEAM ecosystem.

erlef/beam-openssf-compliance-stats

BEAM OpenSSF Compliance Statistics

EEF Security WG project

Statistics Tool to collect OpenSSF compliance statistics for the BEAM ecosystem.

Configuration

Some additional projects are considered besides Hex.pm packages. Those have to be added to the priv/additional_projects.tsv file.

Usage

┌──────────────────────────────────┐         ┌─────────────────────────────────────────────┐
│File: priv/additional_projects.tsv│         │$ mix openssf_compliance.fetch_badge_projects│
└─────────────────┬────────────────┘         └───────────────────┬─────────────────────────┘
                  │                                              │
┌─────────────────▼─────────────────────┐    ┌───────────────────▼────────────────┐
│$ mix openssf_compliance.fetch_projects│    │File: priv/data/badge/[NAME].parquet│
└─────────────────┬─────────────────────┘    └───────────────────┬────────────────┘
                  │                                              │
┌─────────────────▼─────────────────────┐                        │
│File: priv/data/projects/[NAME].parquet│                        │
└─────────────────┬─────────────────────┘                        │
                  │                                              │
┌─────────────────▼───────────────────────────────┐              │
│$ mix openssf_compliance.fetch_scorecard_projects│              │
└─────────────────┬───────────────────────────────┘              │
                  │                                              │
┌─────────────────▼──────────────────────┐                       │
│File: priv/data/scorecard/[NAME].parquet│                       │
└─────────────────┬──────────────────────┘                       │
                  │   ┌──────────────────────────────────────────┘
┌─────────────────▼───▼────────────────┐
│$ mix openssf_compliance.join_projects│
└─────────────────┬────────────────────┘
                  │
┌─────────────────▼───────────────────┐
│File: priv/data/joined/[NAME].parquet│
└─────────────────┬───────────────────┘
                  │
┌─────────────────▼────────────┐
│$ mix openssf_compliance.stats│
└──────────────────────────────┘

Automated Data Storage

This project automatically fetches new data once a month using the .github/workflows/calculate_dataset.yml action and stores the datasets in git in the priv/data/joined directory.

You can see the recent runs in the Actions Tab. Each run contains a summary of the new statistics and also offers the intermediate files for download.

License

The code in this repository is licensed under the Apache-2.0 license.

Data produced by the contained commands is licensed based on its origin. Check the [FILENAME].license file next to each dataset to see its license.