diff --git a/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json b/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json index 60bee2d7ad..66bdd06b6d 100644 --- a/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-knight-light/batcave-knight-light_data.json @@ -1,737 +1,737 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-knight-light", - "owner": "CMS-Enterprise", - "name": "batcave-knight-light", - "description": "batCAVE knight light demo application", - "commits_count": 205, - "issues_count": 2, - "open_issues_count": 0, - "closed_issues_count": 2, - "pull_requests_count": 40, - "open_pull_requests_count": 6, - "merged_pull_requests_count": 25, - "closed_pull_requests_count": 9, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 8, - "total_project_lines": 3839, - "average_project_lines": 34, - "total_project_comment_lines": 176, - "average_project_comment_lines": 2, - "total_project_blank_lines": 485, - "average_blank_lines": 4, - "commits_by_month": { - "2024/8": 9, - "2024/7": 16, - "2024/6": 5 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-28T00:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "JavaScript", - "Bytes": 11197, - "CodeBytes": 0, - "Lines": 430, - "Code": 352, - "Comment": 32, - "Blank": 46, - "Complexity": 17, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSX", - "Bytes": 12511, - "CodeBytes": 0, - "Lines": 415, - "Code": 351, - "Comment": 8, - "Blank": 56, - "Complexity": 27, - "Count": 13, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 13399, - "CodeBytes": 0, - "Lines": 476, - "Code": 475, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 7344, - "CodeBytes": 0, - "Lines": 213, - "Code": 145, - "Comment": 0, - "Blank": 68, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 24186, - "CodeBytes": 0, - "Lines": 101, - "Code": 100, - "Comment": 1, - "Blank": 0, - "Complexity": 0, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Java", - "Bytes": 8578, - "CodeBytes": 0, - "Lines": 272, - "Code": 208, - "Comment": 14, - "Blank": 50, - "Complexity": 2, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 3396, - "CodeBytes": 0, - "Lines": 179, - "Code": 99, - "Comment": 16, - "Blank": 64, - "Complexity": 8, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 1887, - "CodeBytes": 0, - "Lines": 106, - "Code": 93, - "Comment": 3, - "Blank": 10, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 1859, - "CodeBytes": 0, - "Lines": 59, - "Code": 50, - "Comment": 0, - "Blank": 9, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 1871, - "CodeBytes": 0, - "Lines": 79, - "Code": 57, - "Comment": 6, - "Blank": 16, - "Complexity": 2, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 1829, - "CodeBytes": 0, - "Lines": 98, - "Code": 73, - "Comment": 0, - "Blank": 25, - "Complexity": 14, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 20580, - "CodeBytes": 0, - "Lines": 362, - "Code": 319, - "Comment": 15, - "Blank": 28, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "PHP", - "Bytes": 608, - "CodeBytes": 0, - "Lines": 31, - "Code": 23, - "Comment": 2, - "Blank": 6, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Properties File", - "Bytes": 1084, - "CodeBytes": 0, - "Lines": 22, - "Code": 6, - "Comment": 16, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "XML", - "Bytes": 3048, - "CodeBytes": 0, - "Lines": 103, - "Code": 96, - "Comment": 2, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Batch", - "Bytes": 6913, - "CodeBytes": 0, - "Lines": 149, - "Code": 134, - "Comment": 0, - "Blank": 15, - "Complexity": 17, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 163, - "CodeBytes": 0, - "Lines": 14, - "Code": 14, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 11343, - "CodeBytes": 0, - "Lines": 201, - "Code": 169, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 11344, - "CodeBytes": 0, - "Lines": 202, - "Code": 169, - "Comment": 0, - "Blank": 33, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 10666, - "CodeBytes": 0, - "Lines": 259, - "Code": 205, - "Comment": 40, - "Blank": 14, - "Complexity": 34, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1800, - "CodeBytes": 0, - "Lines": 68, - "Code": 40, - "Comment": 21, - "Blank": 7, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 82951.32379603984, - "estimatedScheduleMonths_low": 5.530694676396683, - "estimatedPeople_low": 1.461144425321394, - "estimatedCost_high": 258512.55433187165, - "estimatedScheduleMonths_high": 5.530694676396683, - "estimatedPeople_high": 1.461144425321394, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJavaScript 15 430 46 32 352 17\n(ULOC) 295\n-------------------------------------------------------------------------------\nJSX 13 415 56 8 351 27\n(ULOC) 212\n-------------------------------------------------------------------------------\nJSON 12 476 1 0 475 0\n(ULOC) 332\n-------------------------------------------------------------------------------\nMarkdown 11 213 68 0 145 0\n(ULOC) 101\n-------------------------------------------------------------------------------\nSVG 11 101 0 1 100 0\n(ULOC) 66\n-------------------------------------------------------------------------------\nJava 10 272 50 14 208 2\n(ULOC) 142\n-------------------------------------------------------------------------------\nDockerfile 7 179 64 16 99 8\n(ULOC) 102\n-------------------------------------------------------------------------------\nCSS 6 106 10 3 93 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nTypeScript 5 59 9 0 50 0\n(ULOC) 45\n-------------------------------------------------------------------------------\nPython 4 79 16 6 57 2\n(ULOC) 45\n-------------------------------------------------------------------------------\nGo 3 98 25 0 73 14\n(ULOC) 49\n-------------------------------------------------------------------------------\nHTML 3 362 28 15 319 0\n(ULOC) 256\n-------------------------------------------------------------------------------\nPHP 3 31 6 2 23 0\n(ULOC) 24\n-------------------------------------------------------------------------------\nProperties File 2 22 0 16 6 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nXML 2 103 5 2 96 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nBatch 1 149 15 0 134 17\n(ULOC) 114\n-------------------------------------------------------------------------------\nDocker ignore 1 14 0 0 14 0\n(ULOC) 15\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nPlain Text 1 202 33 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nShell 1 259 14 40 205 34\n(ULOC) 200\n-------------------------------------------------------------------------------\nYAML 1 68 7 21 40 0\n(ULOC) 43\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 113 3839 485 176 3178 121\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2308\nDRYness % 0.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $90,961\nEstimated Schedule Effort (organic) 5.53 months\nEstimated People Required (organic) 1.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 155606 bytes, 0.156 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-12-07T14:49:04Z", - "ossf_scorecard": { - "date": "2025-01-19T13:33:54Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-knight-light", - "commit": "ed82fd175c2c83f1cf08e0ae51cd8bf821093506" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 3, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 8, - "reason": "13 out of 15 merged PRs checked by a CI test -- score normalized to 8", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 2/25 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 1, - "reason": "dependency not pinned by hash detected -- score normalized to 1", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "62 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "url": "https://github.com/CMS-Enterprise/batcave-knight-light", + "owner": "CMS-Enterprise", + "name": "batcave-knight-light", + "description": "batCAVE knight light demo application", + "commits_count": 205, + "issues_count": 2, + "open_issues_count": 0, + "closed_issues_count": 2, + "pull_requests_count": 40, + "open_pull_requests_count": 6, + "merged_pull_requests_count": 25, + "closed_pull_requests_count": 9, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 8, + "total_project_lines": 3839, + "average_project_lines": 34, + "total_project_comment_lines": 176, + "average_project_comment_lines": 2, + "total_project_blank_lines": 485, + "average_blank_lines": 4, + "commits_by_month": { + "2024/8": 9, + "2024/7": 16, + "2024/6": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-28T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "JavaScript", + "Bytes": 11197, + "CodeBytes": 0, + "Lines": 430, + "Code": 352, + "Comment": 32, + "Blank": 46, + "Complexity": 17, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSX", + "Bytes": 12511, + "CodeBytes": 0, + "Lines": 415, + "Code": 351, + "Comment": 8, + "Blank": 56, + "Complexity": 27, + "Count": 13, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 13399, + "CodeBytes": 0, + "Lines": 476, + "Code": 475, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 7344, + "CodeBytes": 0, + "Lines": 213, + "Code": 145, + "Comment": 0, + "Blank": 68, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 24186, + "CodeBytes": 0, + "Lines": 101, + "Code": 100, + "Comment": 1, + "Blank": 0, + "Complexity": 0, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Java", + "Bytes": 8578, + "CodeBytes": 0, + "Lines": 272, + "Code": 208, + "Comment": 14, + "Blank": 50, + "Complexity": 2, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 3396, + "CodeBytes": 0, + "Lines": 179, + "Code": 99, + "Comment": 16, + "Blank": 64, + "Complexity": 8, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 1887, + "CodeBytes": 0, + "Lines": 106, + "Code": 93, + "Comment": 3, + "Blank": 10, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 1859, + "CodeBytes": 0, + "Lines": 59, + "Code": 50, + "Comment": 0, + "Blank": 9, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 1871, + "CodeBytes": 0, + "Lines": 79, + "Code": 57, + "Comment": 6, + "Blank": 16, + "Complexity": 2, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 1829, + "CodeBytes": 0, + "Lines": 98, + "Code": 73, + "Comment": 0, + "Blank": 25, + "Complexity": 14, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 20580, + "CodeBytes": 0, + "Lines": 362, + "Code": 319, + "Comment": 15, + "Blank": 28, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "PHP", + "Bytes": 608, + "CodeBytes": 0, + "Lines": 31, + "Code": 23, + "Comment": 2, + "Blank": 6, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Properties File", + "Bytes": 1084, + "CodeBytes": 0, + "Lines": 22, + "Code": 6, + "Comment": 16, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "XML", + "Bytes": 3048, + "CodeBytes": 0, + "Lines": 103, + "Code": 96, + "Comment": 2, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Batch", + "Bytes": 6913, + "CodeBytes": 0, + "Lines": 149, + "Code": 134, + "Comment": 0, + "Blank": 15, + "Complexity": 17, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 163, + "CodeBytes": 0, + "Lines": 14, + "Code": 14, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 11343, + "CodeBytes": 0, + "Lines": 201, + "Code": 169, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 11344, + "CodeBytes": 0, + "Lines": 202, + "Code": 169, + "Comment": 0, + "Blank": 33, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 10666, + "CodeBytes": 0, + "Lines": 259, + "Code": 205, + "Comment": 40, + "Blank": 14, + "Complexity": 34, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1800, + "CodeBytes": 0, + "Lines": 68, + "Code": 40, + "Comment": 21, + "Blank": 7, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 82951.32379603984, + "estimatedScheduleMonths_low": 5.530694676396683, + "estimatedPeople_low": 1.461144425321394, + "estimatedCost_high": 258512.55433187165, + "estimatedScheduleMonths_high": 5.530694676396683, + "estimatedPeople_high": 1.461144425321394, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 15 430 46 32 352 17\n(ULOC) 295\n-------------------------------------------------------------------------------\nJSX 13 415 56 8 351 27\n(ULOC) 212\n-------------------------------------------------------------------------------\nJSON 12 476 1 0 475 0\n(ULOC) 332\n-------------------------------------------------------------------------------\nMarkdown 11 213 68 0 145 0\n(ULOC) 101\n-------------------------------------------------------------------------------\nSVG 11 101 0 1 100 0\n(ULOC) 66\n-------------------------------------------------------------------------------\nJava 10 272 50 14 208 2\n(ULOC) 142\n-------------------------------------------------------------------------------\nDockerfile 7 179 64 16 99 8\n(ULOC) 102\n-------------------------------------------------------------------------------\nCSS 6 106 10 3 93 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nTypeScript 5 59 9 0 50 0\n(ULOC) 45\n-------------------------------------------------------------------------------\nPython 4 79 16 6 57 2\n(ULOC) 45\n-------------------------------------------------------------------------------\nGo 3 98 25 0 73 14\n(ULOC) 49\n-------------------------------------------------------------------------------\nHTML 3 362 28 15 319 0\n(ULOC) 256\n-------------------------------------------------------------------------------\nPHP 3 31 6 2 23 0\n(ULOC) 24\n-------------------------------------------------------------------------------\nProperties File 2 22 0 16 6 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nXML 2 103 5 2 96 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nBatch 1 149 15 0 134 17\n(ULOC) 114\n-------------------------------------------------------------------------------\nDocker ignore 1 14 0 0 14 0\n(ULOC) 15\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nPlain Text 1 202 33 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nShell 1 259 14 40 205 34\n(ULOC) 200\n-------------------------------------------------------------------------------\nYAML 1 68 7 21 40 0\n(ULOC) 43\n───────────────────────────────────────────────────────────────────────────────\nTotal 113 3839 485 176 3178 121\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2308\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $90,961\nEstimated Schedule Effort (organic) 5.53 months\nEstimated People Required (organic) 1.46\n───────────────────────────────────────────────────────────────────────────────\nProcessed 155606 bytes, 0.156 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-12-07T14:49:04Z", + "ossf_scorecard": { + "date": "2025-01-19T13:33:54Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-knight-light", + "commit": "ed82fd175c2c83f1cf08e0ae51cd8bf821093506" }, - "predominant_langs": { - "JavaScript": 21819, - "HTML": 20580, - "Java": 8578, - "Dockerfile": 2711, - "CSS": 1887, - "Python": 1871, - "TypeScript": 1859, - "Go": 1829, - "PHP": 608, - "Just": 439 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "average_issue_resolution_time": [ - [ - "batcave-knight-light", - "6 days 15:51:47" - ] - ], - "repo_dependency_libyear_list": [ - [ - "Flask", - 1.1397260274, - "2024-07-24T06:13:04.000" - ], - [ - "Jinja2", - 2.0219178082, - "2024-07-24T06:13:04.000" - ], - [ - "MarkupSafe", - 1.0410958904, - "2024-07-24T06:13:04.000" - ], - [ - "Werkzeug", - 1.2219178082, - "2024-07-24T06:13:04.000" - ], - [ - "astroid", - 0.2328767123, - "2024-11-05T20:32:37.000" - ], - [ - "blinker", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "click", - 0.0, - "2025-01-02T18:03:43.000" - ], - [ - "click", - 1.301369863, - "2024-07-24T06:13:04.000" - ], - [ - "coverage", - 0.0, - "2025-01-02T18:03:43.000" - ], - [ - "dill", - 0.6712328767, - "2024-11-05T20:32:37.000" - ], - [ - "eslint", - 0.1890410959, - "2024-11-05T20:32:37.000" - ], - [ - "express", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "flask", - 0.0, - "2025-01-02T18:03:43.000" - ], - [ - "gunicorn", - 0.0, - "2025-01-02T18:03:43.000" - ], - [ - "gunicorn", - 3.0575342466, - "2024-07-24T06:13:04.000" - ], - [ - "iniconfig", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "isort", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "itsdangerous", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "itsdangerous", - 2.0657534247, - "2024-07-24T06:13:04.000" - ], - [ - "jest", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "jinja2", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "markupsafe", - 0.7068493151, - "2024-11-05T20:32:37.000" - ], - [ - "mccabe", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "packaging", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "platformdirs", - 0.3424657534, - "2024-11-05T20:32:37.000" - ], - [ - "pluggy", - 0.0, - "2024-11-05T20:32:37.000" - ], - [ - "pylint", - 0.0, - "2025-01-02T18:03:43.000" - ], - [ - "pytest", - 0.0, - "2025-01-02T18:03:43.000" - ], - [ - "supertest", - 0.2739726027, - "2024-11-05T20:32:37.000" - ], - [ - "tomlkit", - 0.0931506849, - "2024-11-05T20:32:37.000" - ], - [ - "werkzeug", - 0.498630137, - "2024-11-05T20:32:37.000" - ] + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 3, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 8, + "reason": "13 out of 15 merged PRs checked by a CI test -- score normalized to 8", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 2/25 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 1, + "reason": "dependency not pinned by hash detected -- score normalized to 1", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "62 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "JavaScript": 21819, + "HTML": 20580, + "Java": 8578, + "Dockerfile": 2711, + "CSS": 1887, + "Python": 1871, + "TypeScript": 1859, + "Go": 1829, + "PHP": 608, + "Just": 439 + }, + "average_issue_resolution_time": [ + [ + "batcave-knight-light", + "6 days 15:51:47" + ] + ], + "repo_dependency_libyear_list": [ + [ + "Flask", + 1.1397260274, + "2024-07-24T06:13:04.000" + ], + [ + "Jinja2", + 2.0219178082, + "2024-07-24T06:13:04.000" + ], + [ + "MarkupSafe", + 1.0410958904, + "2024-07-24T06:13:04.000" + ], + [ + "Werkzeug", + 1.2219178082, + "2024-07-24T06:13:04.000" + ], + [ + "astroid", + 0.2328767123, + "2024-11-05T20:32:37.000" + ], + [ + "blinker", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "click", + 0.0, + "2025-01-02T18:03:43.000" + ], + [ + "click", + 1.301369863, + "2024-07-24T06:13:04.000" + ], + [ + "coverage", + 0.0, + "2025-01-02T18:03:43.000" + ], + [ + "dill", + 0.6712328767, + "2024-11-05T20:32:37.000" + ], + [ + "eslint", + 0.1890410959, + "2024-11-05T20:32:37.000" + ], + [ + "express", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "flask", + 0.0, + "2025-01-02T18:03:43.000" + ], + [ + "gunicorn", + 0.0, + "2025-01-02T18:03:43.000" + ], + [ + "gunicorn", + 3.0575342466, + "2024-07-24T06:13:04.000" + ], + [ + "iniconfig", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "isort", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "itsdangerous", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "itsdangerous", + 2.0657534247, + "2024-07-24T06:13:04.000" + ], + [ + "jest", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "jinja2", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "markupsafe", + 0.7068493151, + "2024-11-05T20:32:37.000" + ], + [ + "mccabe", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "packaging", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "platformdirs", + 0.3424657534, + "2024-11-05T20:32:37.000" + ], + [ + "pluggy", + 0.0, + "2024-11-05T20:32:37.000" + ], + [ + "pylint", + 0.0, + "2025-01-02T18:03:43.000" + ], + [ + "pytest", + 0.0, + "2025-01-02T18:03:43.000" + ], + [ + "supertest", + 0.2739726027, + "2024-11-05T20:32:37.000" + ], + [ + "tomlkit", + 0.0931506849, + "2024-11-05T20:32:37.000" + ], + [ + "werkzeug", + 0.498630137, + "2024-11-05T20:32:37.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json b/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json index ee68dde7d1..e794c15093 100644 --- a/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-omnibus/batcave-omnibus_data.json @@ -1,315 +1,315 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-omnibus", - "owner": "CMS-Enterprise", - "name": "batcave-omnibus", - "description": "batCAVE Omnibus", - "commits_count": 166, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 6, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 5, - "closed_pull_requests_count": 0, - "forks_count": 3, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 559, - "average_project_lines": 93, - "total_project_comment_lines": 48, - "average_project_comment_lines": 8, - "total_project_blank_lines": 65, - "average_blank_lines": 11, - "commits_by_month": { - "2024/6": 1, - "2024/5": 9, - "2024/4": 5, - "2024/3": 15 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "YAML", - "Bytes": 8432, - "CodeBytes": 0, - "Lines": 252, - "Code": 227, - "Comment": 3, - "Blank": 22, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 7691, - "CodeBytes": 0, - "Lines": 161, - "Code": 82, - "Comment": 45, - "Blank": 34, - "Complexity": 14, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 4511, - "CodeBytes": 0, - "Lines": 110, - "Code": 110, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1676, - "CodeBytes": 0, - "Lines": 36, - "Code": 27, - "Comment": 0, - "Blank": 9, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 10552.693766444992, - "estimatedScheduleMonths_low": 2.526416151558069, - "estimatedPeople_low": 0.4069189865627467, - "estimatedCost_high": 32886.80271520816, - "estimatedScheduleMonths_high": 2.526416151558069, - "estimatedPeople_high": 0.4069189865627467, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nYAML 3 252 22 3 227 0\n(ULOC) 144\n-------------------------------------------------------------------------------\nDockerfile 1 161 34 45 82 14\n(ULOC) 120\n-------------------------------------------------------------------------------\nJSON 1 110 0 0 110 0\n(ULOC) 50\n-------------------------------------------------------------------------------\nMarkdown 1 36 9 0 27 0\n(ULOC) 28\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 559 65 48 446 14\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 339\nDRYness % 0.61\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $11,571\nEstimated Schedule Effort (organic) 2.53 months\nEstimated People Required (organic) 0.41\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 22310 bytes, 0.022 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-12-07T14:50:16Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:14Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-omnibus", - "commit": "9492b2d618345f84d0aa200ebb3c9ef8900dea71" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "url": "https://github.com/CMS-Enterprise/batcave-omnibus", + "owner": "CMS-Enterprise", + "name": "batcave-omnibus", + "description": "batCAVE Omnibus", + "commits_count": 166, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 6, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 5, + "closed_pull_requests_count": 0, + "forks_count": 3, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 559, + "average_project_lines": 93, + "total_project_comment_lines": 48, + "average_project_comment_lines": 8, + "total_project_blank_lines": 65, + "average_blank_lines": 11, + "commits_by_month": { + "2024/6": 1, + "2024/5": 9, + "2024/4": 5, + "2024/3": 15 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "YAML", + "Bytes": 8432, + "CodeBytes": 0, + "Lines": 252, + "Code": 227, + "Comment": 3, + "Blank": 22, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 7691, + "CodeBytes": 0, + "Lines": 161, + "Code": 82, + "Comment": 45, + "Blank": 34, + "Complexity": 14, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 4511, + "CodeBytes": 0, + "Lines": 110, + "Code": 110, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1676, + "CodeBytes": 0, + "Lines": 36, + "Code": 27, + "Comment": 0, + "Blank": 9, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 10552.693766444992, + "estimatedScheduleMonths_low": 2.526416151558069, + "estimatedPeople_low": 0.4069189865627467, + "estimatedCost_high": 32886.80271520816, + "estimatedScheduleMonths_high": 2.526416151558069, + "estimatedPeople_high": 0.4069189865627467, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nYAML 3 252 22 3 227 0\n(ULOC) 144\n-------------------------------------------------------------------------------\nDockerfile 1 161 34 45 82 14\n(ULOC) 120\n-------------------------------------------------------------------------------\nJSON 1 110 0 0 110 0\n(ULOC) 50\n-------------------------------------------------------------------------------\nMarkdown 1 36 9 0 27 0\n(ULOC) 28\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 559 65 48 446 14\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 339\nDRYness % 0.61\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $11,571\nEstimated Schedule Effort (organic) 2.53 months\nEstimated People Required (organic) 0.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 22310 bytes, 0.022 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-12-07T14:50:16Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:14Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-omnibus", + "commit": "9492b2d618345f84d0aa200ebb3c9ef8900dea71" }, - "predominant_langs": { - "Dockerfile": 7691, - "Just": 361, - "HCL": 316 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "average_issue_resolution_time": [ - [ - "batcave-omnibus", - "01:54:59" - ] + "score": 4.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "metadata": null + }, + "predominant_langs": { + "Dockerfile": 7691, + "Just": 361, + "HCL": 316 + }, + "average_issue_resolution_time": [ + [ + "batcave-omnibus", + "01:54:59" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json index 9479dd6bf6..b56ef7e1fa 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-autoscaler/batcave-tf-autoscaler_data.json @@ -1,298 +1,298 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-autoscaler", - "owner": "CMS-Enterprise", - "name": "batcave-tf-autoscaler", - "description": "batCAVE autoscaler Terraform module", - "commits_count": 35, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 30, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 26, - "closed_pull_requests_count": 2, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 11, - "total_project_lines": 482, - "average_project_lines": 40, - "total_project_comment_lines": 9, - "average_project_comment_lines": 1, - "total_project_blank_lines": 67, - "average_blank_lines": 6, - "commits_by_month": { - "2023/12": 1, - "2023/10": 3, - "2023/9": 4, - "2023/3": 2, - "2022/10": 1, - "2022/9": 2, - "2022/8": 5, - "2022/7": 4, - "2022/6": 8 + "url": "https://github.com/CMS-Enterprise/batcave-tf-autoscaler", + "owner": "CMS-Enterprise", + "name": "batcave-tf-autoscaler", + "description": "batCAVE autoscaler Terraform module", + "commits_count": 35, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 30, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 26, + "closed_pull_requests_count": 2, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 11, + "total_project_lines": 482, + "average_project_lines": 40, + "total_project_comment_lines": 9, + "average_project_comment_lines": 1, + "total_project_blank_lines": 67, + "average_blank_lines": 6, + "commits_by_month": { + "2023/12": 1, + "2023/10": 3, + "2023/9": 4, + "2023/3": 2, + "2022/10": 1, + "2022/9": 2, + "2022/8": 5, + "2022/7": 4, + "2022/6": 8 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 7859, + "CodeBytes": 0, + "Lines": 133, + "Code": 102, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 6541, + "CodeBytes": 0, + "Lines": 271, + "Code": 233, + "Comment": 5, + "Blank": 33, + "Complexity": 3, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9561.236680702392, + "estimatedScheduleMonths_low": 2.4334485469715608, + "estimatedPeople_low": 0.3827730996644873, + "estimatedCost_high": 29796.989412457842, + "estimatedScheduleMonths_high": 2.4334485469715608, + "estimatedPeople_high": 0.3827730996644873, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 133 31 0 102 0\n(ULOC) 101\n-------------------------------------------------------------------------------\nTerraform 5 271 33 5 233 3\n(ULOC) 146\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 12 482 67 9 406 3\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 317\nDRYness % 0.66\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $10,484\nEstimated Schedule Effort (organic) 2.43 months\nEstimated People Required (organic) 0.38\n───────────────────────────────────────────────────────────────────────────────\nProcessed 17002 bytes, 0.017 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-04-15T15:58:33Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:55Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-autoscaler", + "commit": "d7e7d5ca73752d61ca398796473a9a5a25d20160" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 7859, - "CodeBytes": 0, - "Lines": 133, - "Code": 102, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 6541, - "CodeBytes": 0, - "Lines": 271, - "Code": 233, - "Comment": 5, - "Blank": 33, - "Complexity": 3, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9561.236680702392, - "estimatedScheduleMonths_low": 2.4334485469715608, - "estimatedPeople_low": 0.3827730996644873, - "estimatedCost_high": 29796.989412457842, - "estimatedScheduleMonths_high": 2.4334485469715608, - "estimatedPeople_high": 0.3827730996644873, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 133 31 0 102 0\n(ULOC) 101\n-------------------------------------------------------------------------------\nTerraform 5 271 33 5 233 3\n(ULOC) 146\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 12 482 67 9 406 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 317\nDRYness % 0.66\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $10,484\nEstimated Schedule Effort (organic) 2.43 months\nEstimated People Required (organic) 0.38\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 17002 bytes, 0.017 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-04-15T15:58:33Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:55Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-autoscaler", - "commit": "d7e7d5ca73752d61ca398796473a9a5a25d20160" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "1 out of 25 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 23/25 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 6766 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "1 out of 25 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 23/25 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 6766 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json index b40205b140..f89b66e2f6 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-buckets/batcave-tf-buckets_data.json @@ -1,297 +1,297 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-buckets", - "owner": "CMS-Enterprise", - "name": "batcave-tf-buckets", - "description": "batCAVE S3 bucket Terraform module", - "commits_count": 14, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 18, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 13, - "closed_pull_requests_count": 3, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 7, - "total_project_lines": 415, - "average_project_lines": 42, - "total_project_comment_lines": 100, - "average_project_comment_lines": 10, - "total_project_blank_lines": 52, - "average_blank_lines": 5, - "commits_by_month": { - "2023/12": 2, - "2023/10": 1, - "2023/7": 2, - "2023/4": 1, - "2023/3": 2, - "2023/2": 1, - "2022/10": 1, - "2022/3": 4 + "url": "https://github.com/CMS-Enterprise/batcave-tf-buckets", + "owner": "CMS-Enterprise", + "name": "batcave-tf-buckets", + "description": "batCAVE S3 bucket Terraform module", + "commits_count": 14, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 18, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 13, + "closed_pull_requests_count": 3, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 7, + "total_project_lines": 415, + "average_project_lines": 42, + "total_project_comment_lines": 100, + "average_project_comment_lines": 10, + "total_project_blank_lines": 52, + "average_blank_lines": 5, + "commits_by_month": { + "2023/12": 2, + "2023/10": 1, + "2023/7": 2, + "2023/4": 1, + "2023/3": 2, + "2023/2": 1, + "2022/10": 1, + "2022/3": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 6868, + "CodeBytes": 0, + "Lines": 131, + "Code": 98, + "Comment": 0, + "Blank": 33, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 5943, + "CodeBytes": 0, + "Lines": 206, + "Code": 94, + "Comment": 96, + "Blank": 16, + "Complexity": 9, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 6060.5950892609835, + "estimatedScheduleMonths_low": 2.0463627614889806, + "estimatedPeople_low": 0.28852413883820316, + "estimatedCost_high": 18887.461291737116, + "estimatedScheduleMonths_high": 2.0463627614889806, + "estimatedPeople_high": 0.28852413883820316, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 131 33 0 98 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTerraform 3 206 16 96 94 9\n(ULOC) 119\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 415 52 100 263 9\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 286\nDRYness % 0.69\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $6,645\nEstimated Schedule Effort (organic) 2.05 months\nEstimated People Required (organic) 0.29\n───────────────────────────────────────────────────────────────────────────────\nProcessed 15413 bytes, 0.015 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-03-10T14:15:10Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:42Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-buckets", + "commit": "48147d6a131f1a22bc333d62578e7fbe81320009" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 6868, - "CodeBytes": 0, - "Lines": 131, - "Code": 98, - "Comment": 0, - "Blank": 33, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 5943, - "CodeBytes": 0, - "Lines": 206, - "Code": 94, - "Comment": 96, - "Blank": 16, - "Complexity": 9, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 6060.5950892609835, - "estimatedScheduleMonths_low": 2.0463627614889806, - "estimatedPeople_low": 0.28852413883820316, - "estimatedCost_high": 18887.461291737116, - "estimatedScheduleMonths_high": 2.0463627614889806, - "estimatedPeople_high": 0.28852413883820316, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 131 33 0 98 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nTerraform 3 206 16 96 94 9\n(ULOC) 119\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 415 52 100 263 9\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 286\nDRYness % 0.69\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $6,645\nEstimated Schedule Effort (organic) 2.05 months\nEstimated People Required (organic) 0.29\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 15413 bytes, 0.015 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-03-10T14:15:10Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:42Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-buckets", - "commit": "48147d6a131f1a22bc333d62578e7fbe81320009" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "1 out of 13 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 8, - "reason": "Found 12/14 approved changesets -- score normalized to 8", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 6168 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "1 out of 13 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 8, + "reason": "Found 12/14 approved changesets -- score normalized to 8", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 6168 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json index a1ff36f4b3..6a4afbbc19 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-cluster/batcave-tf-cluster_data.json @@ -1,342 +1,342 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-cluster", - "owner": "CMS-Enterprise", - "name": "batcave-tf-cluster", - "description": "batCAVE EKS cluster Terraform module", - "commits_count": 143, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 152, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 137, - "closed_pull_requests_count": 13, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 11, - "total_project_lines": 2508, - "average_project_lines": 132, - "total_project_comment_lines": 160, - "average_project_comment_lines": 8, - "total_project_blank_lines": 325, - "average_blank_lines": 17, - "commits_by_month": { - "2024/5": 5, - "2024/4": 3, - "2024/2": 8, - "2024/1": 6, - "2023/12": 2, - "2023/11": 6 + "url": "https://github.com/CMS-Enterprise/batcave-tf-cluster", + "owner": "CMS-Enterprise", + "name": "batcave-tf-cluster", + "description": "batCAVE EKS cluster Terraform module", + "commits_count": 143, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 152, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 137, + "closed_pull_requests_count": 13, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 11, + "total_project_lines": 2508, + "average_project_lines": 132, + "total_project_comment_lines": 160, + "average_project_comment_lines": 8, + "total_project_blank_lines": 325, + "average_blank_lines": 17, + "commits_by_month": { + "2024/5": 5, + "2024/4": 3, + "2024/2": 8, + "2024/1": 6, + "2023/12": 2, + "2023/11": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 69748, + "CodeBytes": 0, + "Lines": 2089, + "Code": 1659, + "Comment": 153, + "Blank": 277, + "Complexity": 281, + "Count": 11, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 35926, + "CodeBytes": 0, + "Lines": 313, + "Code": 270, + "Comment": 0, + "Blank": 43, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2782, + "CodeBytes": 0, + "Lines": 83, + "Code": 76, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 624, + "CodeBytes": 0, + "Lines": 6, + "Code": 2, + "Comment": 3, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Smarty Template", + "Bytes": 404, + "CodeBytes": 0, + "Lines": 11, + "Code": 10, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 51624.68450852237, + "estimatedScheduleMonths_low": 4.618624316609842, + "estimatedPeople_low": 1.0889157535506269, + "estimatedCost_high": 160885.06425393844, + "estimatedScheduleMonths_high": 4.618624316609842, + "estimatedPeople_high": 1.0889157535506269, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 11 2089 277 153 1659 281\n(ULOC) 1037\n-------------------------------------------------------------------------------\nMarkdown 3 313 43 0 270 0\n(ULOC) 267\n-------------------------------------------------------------------------------\nYAML 2 83 3 4 76 0\n(ULOC) 76\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nShell 1 6 1 3 2 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nSmarty Template 1 11 1 0 10 0\n(ULOC) 11\n───────────────────────────────────────────────────────────────────────────────\nTotal 19 2508 325 160 2023 281\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1396\nDRYness % 0.56\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $56,609\nEstimated Schedule Effort (organic) 4.62 months\nEstimated People Required (organic) 1.09\n───────────────────────────────────────────────────────────────────────────────\nProcessed 109591 bytes, 0.110 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-03-08T16:24:15Z", + "ossf_scorecard": { + "date": "2025-01-19T13:34:57Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-cluster", + "commit": "314dfb1bc85273502330c747524071c991f11068" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 69748, - "CodeBytes": 0, - "Lines": 2089, - "Code": 1659, - "Comment": 153, - "Blank": 277, - "Complexity": 281, - "Count": 11, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 35926, - "CodeBytes": 0, - "Lines": 313, - "Code": 270, - "Comment": 0, - "Blank": 43, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2782, - "CodeBytes": 0, - "Lines": 83, - "Code": 76, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 624, - "CodeBytes": 0, - "Lines": 6, - "Code": 2, - "Comment": 3, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Smarty Template", - "Bytes": 404, - "CodeBytes": 0, - "Lines": 11, - "Code": 10, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 51624.68450852237, - "estimatedScheduleMonths_low": 4.618624316609842, - "estimatedPeople_low": 1.0889157535506269, - "estimatedCost_high": 160885.06425393844, - "estimatedScheduleMonths_high": 4.618624316609842, - "estimatedPeople_high": 1.0889157535506269, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 11 2089 277 153 1659 281\n(ULOC) 1037\n-------------------------------------------------------------------------------\nMarkdown 3 313 43 0 270 0\n(ULOC) 267\n-------------------------------------------------------------------------------\nYAML 2 83 3 4 76 0\n(ULOC) 76\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nShell 1 6 1 3 2 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nSmarty Template 1 11 1 0 10 0\n(ULOC) 11\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 19 2508 325 160 2023 281\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1396\nDRYness % 0.56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $56,609\nEstimated Schedule Effort (organic) 4.62 months\nEstimated People Required (organic) 1.09\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 109591 bytes, 0.110 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-03-08T16:24:15Z", - "ossf_scorecard": { - "date": "2025-01-19T13:34:57Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-cluster", - "commit": "314dfb1bc85273502330c747524071c991f11068" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 1, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 7, - "reason": "21 out of 30 merged PRs checked by a CI test -- score normalized to 7", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 5 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 69973, - "Shell": 624, - "Smarty": 404 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 1, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 7, + "reason": "21 out of 30 merged PRs checked by a CI test -- score normalized to 7", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 5 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 69973, + "Shell": 624, + "Smarty": 404 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json index 0bbb15b276..80ff8910c2 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-configmap/batcave-tf-configmap_data.json @@ -1,308 +1,308 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-configmap", - "owner": "CMS-Enterprise", - "name": "batcave-tf-configmap", - "description": "batCAVE Configmap Terraform module", - "commits_count": 6, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 5, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 3, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 91, - "average_project_lines": 15, - "total_project_comment_lines": 2, - "average_project_comment_lines": 0, - "total_project_blank_lines": 11, - "average_blank_lines": 2, - "commits_by_month": { - "2023/10": 1, - "2023/7": 1, - "2022/10": 1, - "2022/7": 3 + "url": "https://github.com/CMS-Enterprise/batcave-tf-configmap", + "owner": "CMS-Enterprise", + "name": "batcave-tf-configmap", + "description": "batCAVE Configmap Terraform module", + "commits_count": 6, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 5, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 3, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 91, + "average_project_lines": 15, + "total_project_comment_lines": 2, + "average_project_comment_lines": 0, + "total_project_blank_lines": 11, + "average_blank_lines": 2, + "commits_by_month": { + "2023/10": 1, + "2023/7": 1, + "2022/10": 1, + "2022/7": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 1111, + "CodeBytes": 0, + "Lines": 22, + "Code": 17, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 1002, + "CodeBytes": 0, + "Lines": 44, + "Code": 38, + "Comment": 0, + "Blank": 6, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1691.4574082393924, + "estimatedScheduleMonths_low": 1.2599868918352457, + "estimatedPeople_low": 0.13078096799683903, + "estimatedCost_high": 5271.320036105415, + "estimatedScheduleMonths_high": 1.2599868918352457, + "estimatedPeople_high": 0.13078096799683903, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nTerraform 2 44 6 0 38 0\n(ULOC) 33\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 91 11 2 78 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 73\nDRYness % 0.80\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,854\nEstimated Schedule Effort (organic) 1.26 months\nEstimated People Required (organic) 0.13\n───────────────────────────────────────────────────────────────────────────────\nProcessed 2953 bytes, 0.003 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-07-26T19:26:05Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:05Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-configmap", + "commit": "bc1a935d6e2ba91c916412b05b0065cd20f0cf76" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 1111, - "CodeBytes": 0, - "Lines": 22, - "Code": 17, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 1002, - "CodeBytes": 0, - "Lines": 44, - "Code": 38, - "Comment": 0, - "Blank": 6, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1691.4574082393924, - "estimatedScheduleMonths_low": 1.2599868918352457, - "estimatedPeople_low": 0.13078096799683903, - "estimatedCost_high": 5271.320036105415, - "estimatedScheduleMonths_high": 1.2599868918352457, - "estimatedPeople_high": 0.13078096799683903, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nTerraform 2 44 6 0 38 0\n(ULOC) 33\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 91 11 2 78 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 73\nDRYness % 0.80\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $1,854\nEstimated Schedule Effort (organic) 1.26 months\nEstimated People Required (organic) 0.13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 2953 bytes, 0.003 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-07-26T19:26:05Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:05Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-configmap", - "commit": "bc1a935d6e2ba91c916412b05b0065cd20f0cf76" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 4, - "reason": "Found 2/5 approved changesets -- score normalized to 4", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 1227 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 4, + "reason": "Found 2/5 approved changesets -- score normalized to 4", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 1227 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json index d9ff2842a6..e8ba9aab41 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-db-s3-integration/batcave-tf-db-s3-integration_data.json @@ -1,292 +1,292 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-db-s3-integration", - "owner": "CMS-Enterprise", - "name": "batcave-tf-db-s3-integration", - "description": null, - "commits_count": 14, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 3, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 2, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 432, - "average_project_lines": 39, - "total_project_comment_lines": 45, - "average_project_comment_lines": 4, - "total_project_blank_lines": 65, - "average_blank_lines": 6, - "commits_by_month": { - "2023/12": 1, - "2023/10": 1, - "2023/5": 12 + "url": "https://github.com/CMS-Enterprise/batcave-tf-db-s3-integration", + "owner": "CMS-Enterprise", + "name": "batcave-tf-db-s3-integration", + "description": null, + "commits_count": 14, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 3, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 2, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 432, + "average_project_lines": 39, + "total_project_comment_lines": 45, + "average_project_comment_lines": 4, + "total_project_blank_lines": 65, + "average_blank_lines": 6, + "commits_by_month": { + "2023/12": 1, + "2023/10": 1, + "2023/5": 12 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 5825, + "CodeBytes": 0, + "Lines": 237, + "Code": 161, + "Comment": 41, + "Blank": 35, + "Complexity": 18, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 7423, + "CodeBytes": 0, + "Lines": 117, + "Code": 90, + "Comment": 0, + "Blank": 27, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 7495.668975754886, + "estimatedScheduleMonths_low": 2.218476196931958, + "estimatedPeople_low": 0.3291585448072403, + "estimatedCost_high": 23359.778297366585, + "estimatedScheduleMonths_high": 2.218476196931958, + "estimatedPeople_high": 0.3291585448072403, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 5 237 35 41 161 18\n(ULOC) 130\n-------------------------------------------------------------------------------\nMarkdown 4 117 27 0 90 0\n(ULOC) 89\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 432 65 45 322 18\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 289\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,219\nEstimated Schedule Effort (organic) 2.22 months\nEstimated People Required (organic) 0.33\n───────────────────────────────────────────────────────────────────────────────\nProcessed 15850 bytes, 0.016 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-08-17T17:16:06Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:08Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-db-s3-integration", + "commit": "0f52204f66408e10972af252f4f0992ab0669028" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 5825, - "CodeBytes": 0, - "Lines": 237, - "Code": 161, - "Comment": 41, - "Blank": 35, - "Complexity": 18, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 7423, - "CodeBytes": 0, - "Lines": 117, - "Code": 90, - "Comment": 0, - "Blank": 27, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 7495.668975754886, - "estimatedScheduleMonths_low": 2.218476196931958, - "estimatedPeople_low": 0.3291585448072403, - "estimatedCost_high": 23359.778297366585, - "estimatedScheduleMonths_high": 2.218476196931958, - "estimatedPeople_high": 0.3291585448072403, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 5 237 35 41 161 18\n(ULOC) 130\n-------------------------------------------------------------------------------\nMarkdown 4 117 27 0 90 0\n(ULOC) 89\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 432 65 45 322 18\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 289\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $8,219\nEstimated Schedule Effort (organic) 2.22 months\nEstimated People Required (organic) 0.33\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 15850 bytes, 0.016 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-08-17T17:16:06Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:08Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-db-s3-integration", - "commit": "0f52204f66408e10972af252f4f0992ab0669028" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 5, - "reason": "1 out of 2 merged PRs checked by a CI test -- score normalized to 5", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 1, - "reason": "Found 2/14 approved changesets -- score normalized to 1", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 6050 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 5, + "reason": "1 out of 2 merged PRs checked by a CI test -- score normalized to 5", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 1, + "reason": "Found 2/14 approved changesets -- score normalized to 1", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 6050 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json index cb74575f85..ccfe70cc6e 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-dynamodb/batcave-tf-dynamodb_data.json @@ -1,293 +1,293 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-dynamodb", - "owner": "CMS-Enterprise", - "name": "batcave-tf-dynamodb", - "description": "batCAVE DynamoDB Terraform module", - "commits_count": 12, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 171, - "average_project_lines": 24, - "total_project_comment_lines": 3, - "average_project_comment_lines": 0, - "total_project_blank_lines": 27, - "average_blank_lines": 4, - "commits_by_month": { - "2024/2": 6, - "2024/1": 1, - "2023/10": 1, - "2023/2": 4 + "url": "https://github.com/CMS-Enterprise/batcave-tf-dynamodb", + "owner": "CMS-Enterprise", + "name": "batcave-tf-dynamodb", + "description": "batCAVE DynamoDB Terraform module", + "commits_count": 12, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 171, + "average_project_lines": 24, + "total_project_comment_lines": 3, + "average_project_comment_lines": 0, + "total_project_blank_lines": 27, + "average_blank_lines": 4, + "commits_by_month": { + "2024/2": 6, + "2024/1": 1, + "2023/10": 1, + "2023/2": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 1336, + "CodeBytes": 0, + "Lines": 26, + "Code": 19, + "Comment": 0, + "Blank": 7, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 2889, + "CodeBytes": 0, + "Lines": 126, + "Code": 105, + "Comment": 1, + "Blank": 20, + "Complexity": 1, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 3149.5013726738352, + "estimatedScheduleMonths_low": 1.5957274152892587, + "estimatedPeople_low": 0.19227933149368265, + "estimatedCost_high": 9815.221836887902, + "estimatedScheduleMonths_high": 1.5957274152892587, + "estimatedPeople_high": 0.19227933149368265, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 3 26 7 0 19 0\n(ULOC) 20\n-------------------------------------------------------------------------------\nTerraform 3 126 20 1 105 1\n(ULOC) 70\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 7 171 27 3 141 1\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 107\nDRYness % 0.63\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,453\nEstimated Schedule Effort (organic) 1.60 months\nEstimated People Required (organic) 0.19\n───────────────────────────────────────────────────────────────────────────────\nProcessed 4958 bytes, 0.005 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-02-27T21:44:41Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:21Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-dynamodb", + "commit": "0ec1f19bbc6496ee95495d3723ccaaed839ceada" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 1336, - "CodeBytes": 0, - "Lines": 26, - "Code": 19, - "Comment": 0, - "Blank": 7, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 2889, - "CodeBytes": 0, - "Lines": 126, - "Code": 105, - "Comment": 1, - "Blank": 20, - "Complexity": 1, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 3149.5013726738352, - "estimatedScheduleMonths_low": 1.5957274152892587, - "estimatedPeople_low": 0.19227933149368265, - "estimatedCost_high": 9815.221836887902, - "estimatedScheduleMonths_high": 1.5957274152892587, - "estimatedPeople_high": 0.19227933149368265, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 3 26 7 0 19 0\n(ULOC) 20\n-------------------------------------------------------------------------------\nTerraform 3 126 20 1 105 1\n(ULOC) 70\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 7 171 27 3 141 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 107\nDRYness % 0.63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $3,453\nEstimated Schedule Effort (organic) 1.60 months\nEstimated People Required (organic) 0.19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 4958 bytes, 0.005 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-02-27T21:44:41Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:21Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-dynamodb", - "commit": "0ec1f19bbc6496ee95495d3723ccaaed839ceada" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/12 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 3415 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/12 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 3415 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json index 014fc6d499..f9f0c6914c 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-efs/batcave-tf-efs_data.json @@ -1,299 +1,299 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-efs", - "owner": "CMS-Enterprise", - "name": "batcave-tf-efs", - "description": "batCAVE EFS Terraform module", - "commits_count": 18, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 20, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 17, - "closed_pull_requests_count": 2, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 802, - "average_project_lines": 62, - "total_project_comment_lines": 131, - "average_project_comment_lines": 10, - "total_project_blank_lines": 84, - "average_blank_lines": 6, - "commits_by_month": { - "2024/4": 1, - "2023/12": 1, - "2023/10": 2, - "2023/9": 3, - "2023/8": 2, - "2023/7": 1, - "2023/5": 2, - "2023/4": 2, - "2022/10": 3, - "2022/8": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-efs", + "owner": "CMS-Enterprise", + "name": "batcave-tf-efs", + "description": "batCAVE EFS Terraform module", + "commits_count": 18, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 20, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 17, + "closed_pull_requests_count": 2, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 802, + "average_project_lines": 62, + "total_project_comment_lines": 131, + "average_project_comment_lines": 10, + "total_project_blank_lines": 84, + "average_blank_lines": 6, + "commits_by_month": { + "2024/4": 1, + "2023/12": 1, + "2023/10": 2, + "2023/9": 3, + "2023/8": 2, + "2023/7": 1, + "2023/5": 2, + "2023/4": 2, + "2022/10": 3, + "2022/8": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 14955, + "CodeBytes": 0, + "Lines": 549, + "Code": 376, + "Comment": 125, + "Blank": 48, + "Complexity": 20, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 12573, + "CodeBytes": 0, + "Lines": 166, + "Code": 134, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2793, + "CodeBytes": 0, + "Lines": 87, + "Code": 77, + "Comment": 6, + "Blank": 4, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 14080.942984817942, + "estimatedScheduleMonths_low": 2.8190766404455045, + "estimatedPeople_low": 0.48660253276382354, + "estimatedCost_high": 43882.36825920934, + "estimatedScheduleMonths_high": 2.8190766404455045, + "estimatedPeople_high": 0.48660253276382354, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 6 549 48 125 376 20\n(ULOC) 301\n-------------------------------------------------------------------------------\nMarkdown 5 166 32 0 134 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nYAML 2 87 4 6 77 0\n(ULOC) 75\n───────────────────────────────────────────────────────────────────────────────\nTotal 13 802 84 131 587 20\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 509\nDRYness % 0.63\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $15,440\nEstimated Schedule Effort (organic) 2.82 months\nEstimated People Required (organic) 0.49\n───────────────────────────────────────────────────────────────────────────────\nProcessed 30321 bytes, 0.030 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-08-23T16:05:23Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:02Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-efs", + "commit": "258a1cbb0ef8f2f7af512852135f029949a75695" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 14955, - "CodeBytes": 0, - "Lines": 549, - "Code": 376, - "Comment": 125, - "Blank": 48, - "Complexity": 20, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 12573, - "CodeBytes": 0, - "Lines": 166, - "Code": 134, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2793, - "CodeBytes": 0, - "Lines": 87, - "Code": 77, - "Comment": 6, - "Blank": 4, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 14080.942984817942, - "estimatedScheduleMonths_low": 2.8190766404455045, - "estimatedPeople_low": 0.48660253276382354, - "estimatedCost_high": 43882.36825920934, - "estimatedScheduleMonths_high": 2.8190766404455045, - "estimatedPeople_high": 0.48660253276382354, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 6 549 48 125 376 20\n(ULOC) 301\n-------------------------------------------------------------------------------\nMarkdown 5 166 32 0 134 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nYAML 2 87 4 6 77 0\n(ULOC) 75\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 13 802 84 131 587 20\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 509\nDRYness % 0.63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $15,440\nEstimated Schedule Effort (organic) 2.82 months\nEstimated People Required (organic) 0.49\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 30321 bytes, 0.030 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-08-23T16:05:23Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:02Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-efs", - "commit": "258a1cbb0ef8f2f7af512852135f029949a75695" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 17 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 17/18 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 15180 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 17 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 17/18 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 15180 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json index 0712f2fc52..13b8c331aa 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-gatus/batcave-tf-gatus_data.json @@ -1,313 +1,313 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-gatus", - "owner": "CMS-Enterprise", - "name": "batcave-tf-gatus", - "description": "batCAVE Gatus Terraform module", - "commits_count": 14, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 14, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 13, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 564, - "average_project_lines": 51, - "total_project_comment_lines": 54, - "average_project_comment_lines": 5, - "total_project_blank_lines": 68, - "average_blank_lines": 6, - "commits_by_month": { - "2023/12": 1, - "2023/10": 1, - "2023/7": 3, - "2023/3": 1, - "2023/2": 1, - "2022/12": 1, - "2022/10": 3, - "2022/9": 1, - "2022/8": 2 + "url": "https://github.com/CMS-Enterprise/batcave-tf-gatus", + "owner": "CMS-Enterprise", + "name": "batcave-tf-gatus", + "description": "batCAVE Gatus Terraform module", + "commits_count": 14, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 14, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 13, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 564, + "average_project_lines": 51, + "total_project_comment_lines": 54, + "average_project_comment_lines": 5, + "total_project_blank_lines": 68, + "average_blank_lines": 6, + "commits_by_month": { + "2023/12": 1, + "2023/10": 1, + "2023/7": 3, + "2023/3": 1, + "2023/2": 1, + "2022/12": 1, + "2022/10": 3, + "2022/9": 1, + "2022/8": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 9591, + "CodeBytes": 0, + "Lines": 165, + "Code": 128, + "Comment": 0, + "Blank": 37, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 7771, + "CodeBytes": 0, + "Lines": 306, + "Code": 231, + "Comment": 48, + "Blank": 27, + "Complexity": 27, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2793, + "CodeBytes": 0, + "Lines": 87, + "Code": 77, + "Comment": 6, + "Blank": 4, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 10453.340968333847, + "estimatedScheduleMonths_low": 2.5173509510245022, + "estimatedPeople_low": 0.4045394303100452, + "estimatedCost_high": 32577.176003488858, + "estimatedScheduleMonths_high": 2.5173509510245022, + "estimatedPeople_high": 0.4045394303100452, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 165 37 0 128 0\n(ULOC) 125\n-------------------------------------------------------------------------------\nTerraform 3 306 27 48 231 27\n(ULOC) 185\n-------------------------------------------------------------------------------\nYAML 2 87 4 6 77 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 564 68 54 442 27\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 387\nDRYness % 0.69\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $11,462\nEstimated Schedule Effort (organic) 2.52 months\nEstimated People Required (organic) 0.40\n───────────────────────────────────────────────────────────────────────────────\nProcessed 20262 bytes, 0.020 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-08-30T22:54:43Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:09Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-gatus", + "commit": "0dd7d724dcda91370778d373ab3e58f3ebb6b6b5" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 9591, - "CodeBytes": 0, - "Lines": 165, - "Code": 128, - "Comment": 0, - "Blank": 37, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 7771, - "CodeBytes": 0, - "Lines": 306, - "Code": 231, - "Comment": 48, - "Blank": 27, - "Complexity": 27, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2793, - "CodeBytes": 0, - "Lines": 87, - "Code": 77, - "Comment": 6, - "Blank": 4, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 10453.340968333847, - "estimatedScheduleMonths_low": 2.5173509510245022, - "estimatedPeople_low": 0.4045394303100452, - "estimatedCost_high": 32577.176003488858, - "estimatedScheduleMonths_high": 2.5173509510245022, - "estimatedPeople_high": 0.4045394303100452, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 165 37 0 128 0\n(ULOC) 125\n-------------------------------------------------------------------------------\nTerraform 3 306 27 48 231 27\n(ULOC) 185\n-------------------------------------------------------------------------------\nYAML 2 87 4 6 77 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 564 68 54 442 27\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 387\nDRYness % 0.69\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $11,462\nEstimated Schedule Effort (organic) 2.52 months\nEstimated People Required (organic) 0.40\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 20262 bytes, 0.020 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-08-30T22:54:43Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:09Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-gatus", - "commit": "0dd7d724dcda91370778d373ab3e58f3ebb6b6b5" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "1 out of 13 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 12/13 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 7996 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "1 out of 13 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 12/13 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 7996 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json index e2aac395da..de685bce2f 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-irsa/batcave-tf-irsa_data.json @@ -1,315 +1,315 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-irsa", - "owner": "CMS-Enterprise", - "name": "batcave-tf-irsa", - "description": "batCAVE IRSA Terraform module", - "commits_count": 17, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 18, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 16, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 7, - "total_project_lines": 854, - "average_project_lines": 66, - "total_project_comment_lines": 296, - "average_project_comment_lines": 23, - "total_project_blank_lines": 89, - "average_blank_lines": 7, - "commits_by_month": { - "2024/3": 3, - "2024/2": 1, - "2023/12": 2, - "2023/10": 1, - "2023/9": 1, - "2023/7": 1, - "2023/4": 1, - "2023/2": 1, - "2022/11": 1, - "2022/10": 4, - "2022/8": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-irsa", + "owner": "CMS-Enterprise", + "name": "batcave-tf-irsa", + "description": "batCAVE IRSA Terraform module", + "commits_count": 17, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 18, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 16, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 7, + "total_project_lines": 854, + "average_project_lines": 66, + "total_project_comment_lines": 296, + "average_project_comment_lines": 23, + "total_project_blank_lines": 89, + "average_blank_lines": 7, + "commits_by_month": { + "2024/3": 3, + "2024/2": 1, + "2023/12": 2, + "2023/10": 1, + "2023/9": 1, + "2023/7": 1, + "2023/4": 1, + "2023/2": 1, + "2022/11": 1, + "2022/10": 4, + "2022/8": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 13786, + "CodeBytes": 0, + "Lines": 179, + "Code": 144, + "Comment": 0, + "Blank": 35, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 16475, + "CodeBytes": 0, + "Lines": 591, + "Code": 248, + "Comment": 292, + "Blank": 51, + "Complexity": 31, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 11124.825782057633, + "estimatedScheduleMonths_low": 2.577616153674582, + "estimatedPeople_low": 0.42045980232984964, + "estimatedCost_high": 34669.8159572238, + "estimatedScheduleMonths_high": 2.577616153674582, + "estimatedPeople_high": 0.42045980232984964, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 179 35 0 144 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nTerraform 5 591 51 292 248 31\n(ULOC) 283\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 13 854 89 296 469 31\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 500\nDRYness % 0.59\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $12,199\nEstimated Schedule Effort (organic) 2.58 months\nEstimated People Required (organic) 0.42\n───────────────────────────────────────────────────────────────────────────────\nProcessed 32970 bytes, 0.033 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-08-25T15:43:48Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:17Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-irsa", + "commit": "f1464265a09ca015fb20cb0d6a29c09dfba504e9" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 13786, - "CodeBytes": 0, - "Lines": 179, - "Code": 144, - "Comment": 0, - "Blank": 35, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 16475, - "CodeBytes": 0, - "Lines": 591, - "Code": 248, - "Comment": 292, - "Blank": 51, - "Complexity": 31, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 11124.825782057633, - "estimatedScheduleMonths_low": 2.577616153674582, - "estimatedPeople_low": 0.42045980232984964, - "estimatedCost_high": 34669.8159572238, - "estimatedScheduleMonths_high": 2.577616153674582, - "estimatedPeople_high": 0.42045980232984964, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 179 35 0 144 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nTerraform 5 591 51 292 248 31\n(ULOC) 283\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 13 854 89 296 469 31\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 500\nDRYness % 0.59\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $12,199\nEstimated Schedule Effort (organic) 2.58 months\nEstimated People Required (organic) 0.42\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 32970 bytes, 0.033 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-08-25T15:43:48Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:17Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-irsa", - "commit": "f1464265a09ca015fb20cb0d6a29c09dfba504e9" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 3, - "reason": "5 out of 16 merged PRs checked by a CI test -- score normalized to 3", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 15/16 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 16700 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 3, + "reason": "5 out of 16 merged PRs checked by a CI test -- score normalized to 3", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 15/16 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 16700 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json index 7afccf4ca2..f13ac788da 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-karpenter/batcave-tf-karpenter_data.json @@ -1,311 +1,311 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-karpenter", - "owner": "CMS-Enterprise", - "name": "batcave-tf-karpenter", - "description": "batCAVE Karpenter Terraform module", - "commits_count": 9, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 14, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 8, - "closed_pull_requests_count": 5, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 8, - "total_project_lines": 632, - "average_project_lines": 35, - "total_project_comment_lines": 57, - "average_project_comment_lines": 3, - "total_project_blank_lines": 72, - "average_blank_lines": 4, - "commits_by_month": { - "2023/12": 1, - "2023/10": 1, - "2023/7": 2, - "2023/1": 2, - "2022/10": 1, - "2022/4": 1, - "2022/3": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-karpenter", + "owner": "CMS-Enterprise", + "name": "batcave-tf-karpenter", + "description": "batCAVE Karpenter Terraform module", + "commits_count": 9, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 14, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 8, + "closed_pull_requests_count": 5, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 8, + "total_project_lines": 632, + "average_project_lines": 35, + "total_project_comment_lines": 57, + "average_project_comment_lines": 3, + "total_project_blank_lines": 72, + "average_blank_lines": 4, + "commits_by_month": { + "2023/12": 1, + "2023/10": 1, + "2023/7": 2, + "2023/1": 2, + "2022/10": 1, + "2022/4": 1, + "2022/3": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 7845, + "CodeBytes": 0, + "Lines": 296, + "Code": 250, + "Comment": 11, + "Blank": 35, + "Complexity": 4, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 5165, + "CodeBytes": 0, + "Lines": 191, + "Code": 139, + "Comment": 46, + "Blank": 6, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 8074, + "CodeBytes": 0, + "Lines": 139, + "Code": 108, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 11973.141580261183, + "estimatedScheduleMonths_low": 2.6506104544114284, + "estimatedPeople_low": 0.44005982271436783, + "estimatedCost_high": 37313.538490367384, + "estimatedScheduleMonths_high": 2.6506104544114284, + "estimatedPeople_high": 0.44005982271436783, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 6 296 35 11 250 4\n(ULOC) 186\n-------------------------------------------------------------------------------\nYAML 6 191 6 46 139 0\n(ULOC) 152\n-------------------------------------------------------------------------------\nMarkdown 5 139 31 0 108 0\n(ULOC) 107\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 18 632 72 57 503 4\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 447\nDRYness % 0.71\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $13,129\nEstimated Schedule Effort (organic) 2.65 months\nEstimated People Required (organic) 0.44\n───────────────────────────────────────────────────────────────────────────────\nProcessed 21191 bytes, 0.021 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-03-10T14:21:27Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:12Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-karpenter", + "commit": "6fe0677e42c8db658198fbd6bd96cb9cb07dfa46" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 7845, - "CodeBytes": 0, - "Lines": 296, - "Code": 250, - "Comment": 11, - "Blank": 35, - "Complexity": 4, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 5165, - "CodeBytes": 0, - "Lines": 191, - "Code": 139, - "Comment": 46, - "Blank": 6, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 8074, - "CodeBytes": 0, - "Lines": 139, - "Code": 108, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 11973.141580261183, - "estimatedScheduleMonths_low": 2.6506104544114284, - "estimatedPeople_low": 0.44005982271436783, - "estimatedCost_high": 37313.538490367384, - "estimatedScheduleMonths_high": 2.6506104544114284, - "estimatedPeople_high": 0.44005982271436783, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 6 296 35 11 250 4\n(ULOC) 186\n-------------------------------------------------------------------------------\nYAML 6 191 6 46 139 0\n(ULOC) 152\n-------------------------------------------------------------------------------\nMarkdown 5 139 31 0 108 0\n(ULOC) 107\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 18 632 72 57 503 4\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 447\nDRYness % 0.71\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $13,129\nEstimated Schedule Effort (organic) 2.65 months\nEstimated People Required (organic) 0.44\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 21191 bytes, 0.021 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-03-10T14:21:27Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:12Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-karpenter", - "commit": "6fe0677e42c8db658198fbd6bd96cb9cb07dfa46" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 2, - "reason": "2 out of 8 merged PRs checked by a CI test -- score normalized to 2", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 8, - "reason": "Found 7/8 approved changesets -- score normalized to 8", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 8070 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 2, + "reason": "2 out of 8 merged PRs checked by a CI test -- score normalized to 2", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 8, + "reason": "Found 7/8 approved changesets -- score normalized to 8", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 8070 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json index 61b6a118a1..c3cafbf3cf 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-kms/batcave-tf-kms_data.json @@ -1,293 +1,293 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-kms", - "owner": "CMS-Enterprise", - "name": "batcave-tf-kms", - "description": "batCAVE KMS Terraform module", - "commits_count": 4, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 5, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 3, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 109, - "average_project_lines": 18, - "total_project_comment_lines": 8, - "average_project_comment_lines": 1, - "total_project_blank_lines": 15, - "average_blank_lines": 3, - "commits_by_month": { - "2023/10": 1, - "2022/11": 1, - "2022/10": 1, - "2022/3": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-kms", + "owner": "CMS-Enterprise", + "name": "batcave-tf-kms", + "description": "batCAVE KMS Terraform module", + "commits_count": 4, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 5, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 3, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 109, + "average_project_lines": 18, + "total_project_comment_lines": 8, + "average_project_comment_lines": 1, + "total_project_blank_lines": 15, + "average_blank_lines": 3, + "commits_by_month": { + "2023/10": 1, + "2022/11": 1, + "2022/10": 1, + "2022/3": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 1558, + "CodeBytes": 0, + "Lines": 68, + "Code": 52, + "Comment": 6, + "Blank": 10, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1111, + "CodeBytes": 0, + "Lines": 22, + "Code": 17, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 1874.0669747171519, + "estimatedScheduleMonths_low": 1.3100418286361637, + "estimatedPeople_low": 0.13936363098944277, + "estimatedCost_high": 5840.411200842861, + "estimatedScheduleMonths_high": 1.3100418286361637, + "estimatedPeople_high": 0.13936363098944277, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 3 68 10 6 52 0\n(ULOC) 43\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 109 15 8 86 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 78\nDRYness % 0.72\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,055\nEstimated Schedule Effort (organic) 1.31 months\nEstimated People Required (organic) 0.14\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3402 bytes, 0.003 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-03-10T14:22:49Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:59Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-kms", + "commit": "6c6b662f2979baebe57c27e3cad0cad6b0f179c4" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 1558, - "CodeBytes": 0, - "Lines": 68, - "Code": 52, - "Comment": 6, - "Blank": 10, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1111, - "CodeBytes": 0, - "Lines": 22, - "Code": 17, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 1874.0669747171519, - "estimatedScheduleMonths_low": 1.3100418286361637, - "estimatedPeople_low": 0.13936363098944277, - "estimatedCost_high": 5840.411200842861, - "estimatedScheduleMonths_high": 1.3100418286361637, - "estimatedPeople_high": 0.13936363098944277, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 3 68 10 6 52 0\n(ULOC) 43\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 109 15 8 86 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 78\nDRYness % 0.72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $2,055\nEstimated Schedule Effort (organic) 1.31 months\nEstimated People Required (organic) 0.14\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 3402 bytes, 0.003 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-03-10T14:22:49Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:59Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-kms", - "commit": "6c6b662f2979baebe57c27e3cad0cad6b0f179c4" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 7, - "reason": "Found 3/4 approved changesets -- score normalized to 7", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 1783 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 7, + "reason": "Found 3/4 approved changesets -- score normalized to 7", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 1783 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json index 35ca2ee9d1..095d689ca6 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-lambda/batcave-tf-lambda_data.json @@ -1,279 +1,279 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-lambda", - "owner": "CMS-Enterprise", - "name": "batcave-tf-lambda", - "description": "batCAVE AWS Lambda Terraform module", - "commits_count": 12, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 204, - "average_project_lines": 41, - "total_project_comment_lines": 11, - "average_project_comment_lines": 2, - "total_project_blank_lines": 31, - "average_blank_lines": 6, - "commits_by_month": { - "2024/5": 2, - "2024/3": 1, - "2024/1": 3, - "2023/12": 5, - "2023/10": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-lambda", + "owner": "CMS-Enterprise", + "name": "batcave-tf-lambda", + "description": "batCAVE AWS Lambda Terraform module", + "commits_count": 12, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 204, + "average_project_lines": 41, + "total_project_comment_lines": 11, + "average_project_comment_lines": 2, + "total_project_blank_lines": 31, + "average_blank_lines": 6, + "commits_by_month": { + "2024/5": 2, + "2024/3": 1, + "2024/1": 3, + "2023/12": 5, + "2023/10": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 3705, + "CodeBytes": 0, + "Lines": 127, + "Code": 104, + "Comment": 11, + "Blank": 12, + "Complexity": 8, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4510, + "CodeBytes": 0, + "Lines": 77, + "Code": 58, + "Comment": 0, + "Blank": 19, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 3643.7829465672103, + "estimatedScheduleMonths_low": 1.6866181569439265, + "estimatedPeople_low": 0.2104675936545201, + "estimatedCost_high": 11355.619100957294, + "estimatedScheduleMonths_high": 1.6866181569439265, + "estimatedPeople_high": 0.2104675936545201, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 4 127 12 11 104 8\n(ULOC) 103\n-------------------------------------------------------------------------------\nMarkdown 1 77 19 0 58 0\n(ULOC) 59\n───────────────────────────────────────────────────────────────────────────────\nTotal 5 204 31 11 162 8\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 161\nDRYness % 0.79\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,995\nEstimated Schedule Effort (organic) 1.69 months\nEstimated People Required (organic) 0.21\n───────────────────────────────────────────────────────────────────────────────\nProcessed 8215 bytes, 0.008 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-10-27T13:05:56Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:52Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-lambda", + "commit": "4c4cdda5c6af2e96ac067fe4185950099745c775" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 3705, - "CodeBytes": 0, - "Lines": 127, - "Code": 104, - "Comment": 11, - "Blank": 12, - "Complexity": 8, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4510, - "CodeBytes": 0, - "Lines": 77, - "Code": 58, - "Comment": 0, - "Blank": 19, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 3643.7829465672103, - "estimatedScheduleMonths_low": 1.6866181569439265, - "estimatedPeople_low": 0.2104675936545201, - "estimatedCost_high": 11355.619100957294, - "estimatedScheduleMonths_high": 1.6866181569439265, - "estimatedPeople_high": 0.2104675936545201, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 4 127 12 11 104 8\n(ULOC) 103\n-------------------------------------------------------------------------------\nMarkdown 1 77 19 0 58 0\n(ULOC) 59\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 5 204 31 11 162 8\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 161\nDRYness % 0.79\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $3,995\nEstimated Schedule Effort (organic) 1.69 months\nEstimated People Required (organic) 0.21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 8215 bytes, 0.008 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-10-27T13:05:56Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:52Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-lambda", - "commit": "4c4cdda5c6af2e96ac067fe4185950099745c775" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/9 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 3705 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/9 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 3705 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json index 6d52ceb61e..bf63cf1c09 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-misc-modules/batcave-tf-misc-modules_data.json @@ -1,378 +1,378 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-misc-modules", - "owner": "CMS-Enterprise", - "name": "batcave-tf-misc-modules", - "description": "IAC scripts that will help manage batCAVE landing zone resources.", - "commits_count": 35, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 39, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 34, - "closed_pull_requests_count": 2, - "forks_count": 0, - "stargazers_count": 3, - "watchers_count": 8, - "total_project_lines": 2519, - "average_project_lines": 47, - "total_project_comment_lines": 403, - "average_project_comment_lines": 7, - "total_project_blank_lines": 288, - "average_blank_lines": 5, - "commits_by_month": { - "2023/11": 3, - "2023/10": 1, - "2023/9": 3, - "2023/8": 3, - "2023/7": 2, - "2023/6": 2, - "2023/4": 7, - "2023/3": 2, - "2023/2": 2, - "2022/11": 3, - "2022/10": 2 + "url": "https://github.com/CMS-Enterprise/batcave-tf-misc-modules", + "owner": "CMS-Enterprise", + "name": "batcave-tf-misc-modules", + "description": "IAC scripts that will help manage batCAVE landing zone resources.", + "commits_count": 35, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 39, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 34, + "closed_pull_requests_count": 2, + "forks_count": 0, + "stargazers_count": 3, + "watchers_count": 8, + "total_project_lines": 2519, + "average_project_lines": 47, + "total_project_comment_lines": 403, + "average_project_comment_lines": 7, + "total_project_blank_lines": 288, + "average_blank_lines": 5, + "commits_by_month": { + "2023/11": 3, + "2023/10": 1, + "2023/9": 3, + "2023/8": 3, + "2023/7": 2, + "2023/6": 2, + "2023/4": 7, + "2023/3": 2, + "2023/2": 2, + "2022/11": 3, + "2022/10": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 53145, + "CodeBytes": 0, + "Lines": 2017, + "Code": 1419, + "Comment": 396, + "Blank": 202, + "Complexity": 156, + "Count": 37, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 9950, + "CodeBytes": 0, + "Lines": 160, + "Code": 117, + "Comment": 0, + "Blank": 43, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 10900, + "CodeBytes": 0, + "Lines": 298, + "Code": 255, + "Comment": 4, + "Blank": 39, + "Complexity": 61, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 52, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 352, + "CodeBytes": 0, + "Lines": 16, + "Code": 11, + "Comment": 1, + "Blank": 4, + "Complexity": 2, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 46412.68941596859, + "estimatedScheduleMonths_low": 4.435563294282049, + "estimatedPeople_low": 1.0193831762724126, + "estimatedCost_high": 144642.21118200733, + "estimatedScheduleMonths_high": 4.435563294282049, + "estimatedPeople_high": 1.0193831762724126, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 37 2017 202 396 1419 156\n(ULOC) 934\n-------------------------------------------------------------------------------\nMarkdown 8 160 43 0 117 0\n(ULOC) 98\n-------------------------------------------------------------------------------\nPython 5 298 39 4 255 61\n(ULOC) 238\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nPlain Text 1 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nShell 1 16 4 1 11 2\n(ULOC) 13\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 54 2519 288 403 1828 219\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1300\nDRYness % 0.52\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $50,894\nEstimated Schedule Effort (organic) 4.44 months\nEstimated People Required (organic) 1.02\n───────────────────────────────────────────────────────────────────────────────\nProcessed 75239 bytes, 0.075 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-08-10T15:28:44Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:49Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-misc-modules", + "commit": "e5771ddac4209fb5082d6c2989f3c69c3741a830" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 53145, - "CodeBytes": 0, - "Lines": 2017, - "Code": 1419, - "Comment": 396, - "Blank": 202, - "Complexity": 156, - "Count": 37, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 9950, - "CodeBytes": 0, - "Lines": 160, - "Code": 117, - "Comment": 0, - "Blank": 43, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 10900, - "CodeBytes": 0, - "Lines": 298, - "Code": 255, - "Comment": 4, - "Blank": 39, - "Complexity": 61, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 52, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 352, - "CodeBytes": 0, - "Lines": 16, - "Code": 11, - "Comment": 1, - "Blank": 4, - "Complexity": 2, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 46412.68941596859, - "estimatedScheduleMonths_low": 4.435563294282049, - "estimatedPeople_low": 1.0193831762724126, - "estimatedCost_high": 144642.21118200733, - "estimatedScheduleMonths_high": 4.435563294282049, - "estimatedPeople_high": 1.0193831762724126, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 37 2017 202 396 1419 156\n(ULOC) 934\n-------------------------------------------------------------------------------\nMarkdown 8 160 43 0 117 0\n(ULOC) 98\n-------------------------------------------------------------------------------\nPython 5 298 39 4 255 61\n(ULOC) 238\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nPlain Text 1 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nShell 1 16 4 1 11 2\n(ULOC) 13\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 54 2519 288 403 1828 219\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1300\nDRYness % 0.52\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $50,894\nEstimated Schedule Effort (organic) 4.44 months\nEstimated People Required (organic) 1.02\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 75239 bytes, 0.075 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-08-10T15:28:44Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:49Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-misc-modules", - "commit": "e5771ddac4209fb5082d6c2989f3c69c3741a830" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 30 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 53370, - "Python": 10900, - "Shell": 352 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "boto3", - 2.3315068493, - "2025-01-02T18:01:47.000" - ], - [ - "botocore", - 2.3315068493, - "2025-01-02T18:01:47.000" - ], - [ - "kubernetes", - 2.2465753425, - "2025-01-02T18:01:47.000" - ] + "score": 5.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 30 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 53370, + "Python": 10900, + "Shell": 352 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "boto3", + 2.3315068493, + "2025-01-02T18:01:47.000" + ], + [ + "botocore", + 2.3315068493, + "2025-01-02T18:01:47.000" + ], + [ + "kubernetes", + 2.2465753425, + "2025-01-02T18:01:47.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json index 0546d495d0..999c1a4a7e 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-mssql/batcave-tf-mssql_data.json @@ -1,294 +1,294 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-mssql", - "owner": "CMS-Enterprise", - "name": "batcave-tf-mssql", - "description": "batCAVE Microsoft SQL Server Terraform module", - "commits_count": 8, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 9, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 7, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 587, - "average_project_lines": 65, - "total_project_comment_lines": 7, - "average_project_comment_lines": 1, - "total_project_blank_lines": 96, - "average_blank_lines": 11, - "commits_by_month": { - "2024/1": 1, - "2023/12": 1, - "2023/8": 1, - "2023/7": 4, - "2023/1": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-mssql", + "owner": "CMS-Enterprise", + "name": "batcave-tf-mssql", + "description": "batCAVE Microsoft SQL Server Terraform module", + "commits_count": 8, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 9, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 7, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 587, + "average_project_lines": 65, + "total_project_comment_lines": 7, + "average_project_comment_lines": 1, + "total_project_blank_lines": 96, + "average_blank_lines": 11, + "commits_by_month": { + "2024/1": 1, + "2023/12": 1, + "2023/8": 1, + "2023/7": 4, + "2023/1": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11601, + "CodeBytes": 0, + "Lines": 172, + "Code": 136, + "Comment": 0, + "Blank": 36, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 8447, + "CodeBytes": 0, + "Lines": 337, + "Code": 277, + "Comment": 3, + "Blank": 57, + "Complexity": 17, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 11498.716415242416, + "estimatedScheduleMonths_low": 2.6101987648103493, + "estimatedPeople_low": 0.4291659834565262, + "estimatedCost_high": 35835.022468731855, + "estimatedScheduleMonths_high": 2.6101987648103493, + "estimatedPeople_high": 0.4291659834565262, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 4 172 36 0 136 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nTerraform 3 337 57 3 277 17\n(ULOC) 201\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 9 587 96 7 484 17\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 404\nDRYness % 0.69\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $12,609\nEstimated Schedule Effort (organic) 2.61 months\nEstimated People Required (organic) 0.43\n───────────────────────────────────────────────────────────────────────────────\nProcessed 22650 bytes, 0.023 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-01-27T14:29:16Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:17Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-mssql", + "commit": "0e1a8fec1b6d1c1b23b04417513baa522cb77cd6" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11601, - "CodeBytes": 0, - "Lines": 172, - "Code": 136, - "Comment": 0, - "Blank": 36, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 8447, - "CodeBytes": 0, - "Lines": 337, - "Code": 277, - "Comment": 3, - "Blank": 57, - "Complexity": 17, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 11498.716415242416, - "estimatedScheduleMonths_low": 2.6101987648103493, - "estimatedPeople_low": 0.4291659834565262, - "estimatedCost_high": 35835.022468731855, - "estimatedScheduleMonths_high": 2.6101987648103493, - "estimatedPeople_high": 0.4291659834565262, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 4 172 36 0 136 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nTerraform 3 337 57 3 277 17\n(ULOC) 201\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 9 587 96 7 484 17\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 404\nDRYness % 0.69\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $12,609\nEstimated Schedule Effort (organic) 2.61 months\nEstimated People Required (organic) 0.43\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 22650 bytes, 0.023 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-01-27T14:29:16Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:17Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-mssql", - "commit": "0e1a8fec1b6d1c1b23b04417513baa522cb77cd6" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 2, - "reason": "2 out of 7 merged PRs checked by a CI test -- score normalized to 2", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 8, - "reason": "Found 7/8 approved changesets -- score normalized to 8", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 8672 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 2, + "reason": "2 out of 7 merged PRs checked by a CI test -- score normalized to 2", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 8, + "reason": "Found 7/8 approved changesets -- score normalized to 8", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 8672 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json index 04d82ba3a5..4df8060b48 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-mysql/batcave-tf-mysql_data.json @@ -1,311 +1,311 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-mysql", - "owner": "CMS-Enterprise", - "name": "batcave-tf-mysql", - "description": "batCAVE MySQL Terraform module", - "commits_count": 16, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 21, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 17, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 8, - "total_project_lines": 648, - "average_project_lines": 59, - "total_project_comment_lines": 22, - "average_project_comment_lines": 2, - "total_project_blank_lines": 92, - "average_blank_lines": 8, - "commits_by_month": { - "2024/1": 2, - "2023/12": 1, - "2023/10": 3, - "2023/8": 1, - "2023/7": 5, - "2023/5": 2, - "2022/7": 2 + "url": "https://github.com/CMS-Enterprise/batcave-tf-mysql", + "owner": "CMS-Enterprise", + "name": "batcave-tf-mysql", + "description": "batCAVE MySQL Terraform module", + "commits_count": 16, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 21, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 17, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 8, + "total_project_lines": 648, + "average_project_lines": 59, + "total_project_comment_lines": 22, + "average_project_comment_lines": 2, + "total_project_blank_lines": 92, + "average_blank_lines": 8, + "commits_by_month": { + "2024/1": 2, + "2023/12": 1, + "2023/10": 3, + "2023/8": 1, + "2023/7": 5, + "2023/5": 2, + "2022/7": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 13267, + "CodeBytes": 0, + "Lines": 167, + "Code": 135, + "Comment": 0, + "Blank": 32, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 10604, + "CodeBytes": 0, + "Lines": 397, + "Code": 322, + "Comment": 18, + "Blank": 57, + "Complexity": 7, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 12749.115439830588, + "estimatedScheduleMonths_low": 2.7146212353623, + "estimatedPeople_low": 0.457530783510233, + "estimatedCost_high": 39731.81194704276, + "estimatedScheduleMonths_high": 2.7146212353623, + "estimatedPeople_high": 0.457530783510233, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 167 32 0 135 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nTerraform 3 397 57 18 322 7\n(ULOC) 225\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 648 92 22 534 7\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 433\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $13,980\nEstimated Schedule Effort (organic) 2.71 months\nEstimated People Required (organic) 0.46\n───────────────────────────────────────────────────────────────────────────────\nProcessed 26580 bytes, 0.027 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-06-30T16:41:38Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:34Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-mysql", + "commit": "c552ea7e85706cfe00b607c0cd71e4f4874f5e03" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 13267, - "CodeBytes": 0, - "Lines": 167, - "Code": 135, - "Comment": 0, - "Blank": 32, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 10604, - "CodeBytes": 0, - "Lines": 397, - "Code": 322, - "Comment": 18, - "Blank": 57, - "Complexity": 7, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 12749.115439830588, - "estimatedScheduleMonths_low": 2.7146212353623, - "estimatedPeople_low": 0.457530783510233, - "estimatedCost_high": 39731.81194704276, - "estimatedScheduleMonths_high": 2.7146212353623, - "estimatedPeople_high": 0.457530783510233, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 167 32 0 135 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nTerraform 3 397 57 18 322 7\n(ULOC) 225\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 648 92 22 534 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 433\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $13,980\nEstimated Schedule Effort (organic) 2.71 months\nEstimated People Required (organic) 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 26580 bytes, 0.027 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-06-30T16:41:38Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:34Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-mysql", - "commit": "c552ea7e85706cfe00b607c0cd71e4f4874f5e03" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 8, - "reason": "Found 13/15 approved changesets -- score normalized to 8", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 10829 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 8, + "reason": "Found 13/15 approved changesets -- score normalized to 8", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 10829 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json index 3718f27d61..5e09a39fa8 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-postgresql/batcave-tf-postgresql_data.json @@ -1,299 +1,299 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-postgresql", - "owner": "CMS-Enterprise", - "name": "batcave-tf-postgresql", - "description": "batCAVE PostgreSQL Terraform module", - "commits_count": 15, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 18, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 14, - "closed_pull_requests_count": 3, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 667, - "average_project_lines": 67, - "total_project_comment_lines": 15, - "average_project_comment_lines": 2, - "total_project_blank_lines": 95, - "average_blank_lines": 10, - "commits_by_month": { - "2024/1": 1, - "2023/12": 1, - "2023/10": 1, - "2023/8": 1, - "2023/7": 5, - "2023/4": 1, - "2023/1": 1, - "2022/12": 2, - "2022/10": 1, - "2022/3": 1 + "url": "https://github.com/CMS-Enterprise/batcave-tf-postgresql", + "owner": "CMS-Enterprise", + "name": "batcave-tf-postgresql", + "description": "batCAVE PostgreSQL Terraform module", + "commits_count": 15, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 18, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 14, + "closed_pull_requests_count": 3, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 667, + "average_project_lines": 67, + "total_project_comment_lines": 15, + "average_project_comment_lines": 2, + "total_project_blank_lines": 95, + "average_blank_lines": 10, + "commits_by_month": { + "2024/1": 1, + "2023/12": 1, + "2023/10": 1, + "2023/8": 1, + "2023/7": 5, + "2023/4": 1, + "2023/1": 1, + "2022/12": 2, + "2022/10": 1, + "2022/3": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 13883, + "CodeBytes": 0, + "Lines": 166, + "Code": 135, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 11993, + "CodeBytes": 0, + "Lines": 423, + "Code": 351, + "Comment": 11, + "Blank": 61, + "Complexity": 19, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 13326.303154018688, + "estimatedScheduleMonths_low": 2.760682761484409, + "estimatedPeople_low": 0.4702650391465739, + "estimatedCost_high": 41530.58095391983, + "estimatedScheduleMonths_high": 2.760682761484409, + "estimatedPeople_high": 0.4702650391465739, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 166 31 0 135 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nTerraform 3 423 61 11 351 19\n(ULOC) 246\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 667 95 15 557 19\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 450\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $14,613\nEstimated Schedule Effort (organic) 2.76 months\nEstimated People Required (organic) 0.47\n───────────────────────────────────────────────────────────────────────────────\nProcessed 28478 bytes, 0.028 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-03-10T14:23:56Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:22Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-postgresql", + "commit": "69448c2a3889feafbe7bba4397005724409b66ee" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 13883, - "CodeBytes": 0, - "Lines": 166, - "Code": 135, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 11993, - "CodeBytes": 0, - "Lines": 423, - "Code": 351, - "Comment": 11, - "Blank": 61, - "Complexity": 19, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 13326.303154018688, - "estimatedScheduleMonths_low": 2.760682761484409, - "estimatedPeople_low": 0.4702650391465739, - "estimatedCost_high": 41530.58095391983, - "estimatedScheduleMonths_high": 2.760682761484409, - "estimatedPeople_high": 0.4702650391465739, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 166 31 0 135 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nTerraform 3 423 61 11 351 19\n(ULOC) 246\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 667 95 15 557 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 450\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $14,613\nEstimated Schedule Effort (organic) 2.76 months\nEstimated People Required (organic) 0.47\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 28478 bytes, 0.028 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-03-10T14:23:56Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:22Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-postgresql", - "commit": "69448c2a3889feafbe7bba4397005724409b66ee" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 14/15 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 12218 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 14/15 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 12218 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json index 0dfd15893f..2f17f213fa 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-redis/batcave-tf-redis_data.json @@ -1,291 +1,291 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-redis", - "owner": "CMS-Enterprise", - "name": "batcave-tf-redis", - "description": "batCAVE Redis Terraform module", - "commits_count": 15, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 3, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 2, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 287, - "average_project_lines": 32, - "total_project_comment_lines": 20, - "average_project_comment_lines": 2, - "total_project_blank_lines": 48, - "average_blank_lines": 5, - "commits_by_month": { - "2023/12": 1, - "2023/10": 14 + "url": "https://github.com/CMS-Enterprise/batcave-tf-redis", + "owner": "CMS-Enterprise", + "name": "batcave-tf-redis", + "description": "batCAVE Redis Terraform module", + "commits_count": 15, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 3, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 2, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 287, + "average_project_lines": 32, + "total_project_comment_lines": 20, + "average_project_comment_lines": 2, + "total_project_blank_lines": 48, + "average_blank_lines": 5, + "commits_by_month": { + "2023/12": 1, + "2023/10": 14 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 4977, + "CodeBytes": 0, + "Lines": 103, + "Code": 76, + "Comment": 0, + "Blank": 27, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 2360, + "CodeBytes": 0, + "Lines": 106, + "Code": 72, + "Comment": 16, + "Blank": 18, + "Complexity": 3, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 5000.668369140514, + "estimatedScheduleMonths_low": 1.902205715901596, + "estimatedPeople_low": 0.25610619271503016, + "estimatedCost_high": 15584.266703828363, + "estimatedScheduleMonths_high": 1.902205715901596, + "estimatedPeople_high": 0.25610619271503016, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 4 103 27 0 76 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nTerraform 3 106 18 16 72 3\n(ULOC) 65\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 9 287 48 20 219 3\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 210\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,483\nEstimated Schedule Effort (organic) 1.90 months\nEstimated People Required (organic) 0.26\n───────────────────────────────────────────────────────────────────────────────\nProcessed 9939 bytes, 0.010 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-10-20T13:04:05Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:38Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-redis", + "commit": "6afcfc3b47ce3d85c58a00fac20fd9e337084567" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 4977, - "CodeBytes": 0, - "Lines": 103, - "Code": 76, - "Comment": 0, - "Blank": 27, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 2360, - "CodeBytes": 0, - "Lines": 106, - "Code": 72, - "Comment": 16, - "Blank": 18, - "Complexity": 3, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 5000.668369140514, - "estimatedScheduleMonths_low": 1.902205715901596, - "estimatedPeople_low": 0.25610619271503016, - "estimatedCost_high": 15584.266703828363, - "estimatedScheduleMonths_high": 1.902205715901596, - "estimatedPeople_high": 0.25610619271503016, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 4 103 27 0 76 0\n(ULOC) 75\n-------------------------------------------------------------------------------\nTerraform 3 106 18 16 72 3\n(ULOC) 65\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 9 287 48 20 219 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 210\nDRYness % 0.73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $5,483\nEstimated Schedule Effort (organic) 1.90 months\nEstimated People Required (organic) 0.26\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 9939 bytes, 0.010 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-10-20T13:04:05Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:38Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-redis", - "commit": "6afcfc3b47ce3d85c58a00fac20fd9e337084567" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 5, - "reason": "1 out of 2 merged PRs checked by a CI test -- score normalized to 5", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 1, - "reason": "Found 2/15 approved changesets -- score normalized to 1", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 2585 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 5, + "reason": "1 out of 2 merged PRs checked by a CI test -- score normalized to 5", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 1, + "reason": "Found 2/15 approved changesets -- score normalized to 1", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 2585 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json index 0a57d52606..aff4f4d4d8 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-route53/batcave-tf-route53_data.json @@ -1,309 +1,309 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-route53", - "owner": "CMS-Enterprise", - "name": "batcave-tf-route53", - "description": "batCAVE Route53 Terraform module", - "commits_count": 24, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 7, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 6, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 10, - "total_project_lines": 296, - "average_project_lines": 21, - "total_project_comment_lines": 7, - "average_project_comment_lines": 1, - "total_project_blank_lines": 45, - "average_blank_lines": 3, - "commits_by_month": { - "2023/12": 1, - "2023/10": 1, - "2023/7": 1, - "2022/10": 1, - "2022/5": 20 + "url": "https://github.com/CMS-Enterprise/batcave-tf-route53", + "owner": "CMS-Enterprise", + "name": "batcave-tf-route53", + "description": "batCAVE Route53 Terraform module", + "commits_count": 24, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 7, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 6, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 10, + "total_project_lines": 296, + "average_project_lines": 21, + "total_project_comment_lines": 7, + "average_project_comment_lines": 1, + "total_project_blank_lines": 45, + "average_blank_lines": 3, + "commits_by_month": { + "2023/12": 1, + "2023/10": 1, + "2023/7": 1, + "2022/10": 1, + "2022/5": 20 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 2271, + "CodeBytes": 0, + "Lines": 96, + "Code": 82, + "Comment": 3, + "Blank": 11, + "Complexity": 7, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 5029, + "CodeBytes": 0, + "Lines": 116, + "Code": 85, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 5601.715541814958, + "estimatedScheduleMonths_low": 1.9860437958021004, + "estimatedPeople_low": 0.2747778607965944, + "estimatedCost_high": 17457.39220408033, + "estimatedScheduleMonths_high": 1.9860437958021004, + "estimatedPeople_high": 0.2747778607965944, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 6 96 11 3 82 7\n(ULOC) 56\n-------------------------------------------------------------------------------\nMarkdown 5 116 31 0 85 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 14 296 45 7 244 7\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 215\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $6,142\nEstimated Schedule Effort (organic) 1.99 months\nEstimated People Required (organic) 0.27\n───────────────────────────────────────────────────────────────────────────────\nProcessed 10009 bytes, 0.010 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-04-22T18:05:56Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:28Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-route53", + "commit": "3079e0fd62b611f805d82d504f890ff289d89fea" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 2271, - "CodeBytes": 0, - "Lines": 96, - "Code": 82, - "Comment": 3, - "Blank": 11, - "Complexity": 7, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 5029, - "CodeBytes": 0, - "Lines": 116, - "Code": 85, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 5601.715541814958, - "estimatedScheduleMonths_low": 1.9860437958021004, - "estimatedPeople_low": 0.2747778607965944, - "estimatedCost_high": 17457.39220408033, - "estimatedScheduleMonths_high": 1.9860437958021004, - "estimatedPeople_high": 0.2747778607965944, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 6 96 11 3 82 7\n(ULOC) 56\n-------------------------------------------------------------------------------\nMarkdown 5 116 31 0 85 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 14 296 45 7 244 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 215\nDRYness % 0.73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $6,142\nEstimated Schedule Effort (organic) 1.99 months\nEstimated People Required (organic) 0.27\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 10009 bytes, 0.010 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-04-22T18:05:56Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:28Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-route53", - "commit": "3079e0fd62b611f805d82d504f890ff289d89fea" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "1 out of 6 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 1, - "reason": "Found 4/22 approved changesets -- score normalized to 1", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 6, - "reason": "project has 2 contributing companies or organizations -- score normalized to 6", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 2721 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "1 out of 6 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 1, + "reason": "Found 4/22 approved changesets -- score normalized to 1", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 6, + "reason": "project has 2 contributing companies or organizations -- score normalized to 6", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 2721 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json index a7c5cf249d..6efc9fa2b7 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-s3-replication/batcave-tf-s3-replication_data.json @@ -1,292 +1,292 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-s3-replication", - "owner": "CMS-Enterprise", - "name": "batcave-tf-s3-replication", - "description": "batCAVE S3 replication Terraform module", - "commits_count": 8, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 4, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 2, - "closed_pull_requests_count": 1, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 277, - "average_project_lines": 40, - "total_project_comment_lines": 23, - "average_project_comment_lines": 3, - "total_project_blank_lines": 38, - "average_blank_lines": 5, - "commits_by_month": { - "2023/10": 1, - "2023/7": 1, - "2023/5": 6 + "url": "https://github.com/CMS-Enterprise/batcave-tf-s3-replication", + "owner": "CMS-Enterprise", + "name": "batcave-tf-s3-replication", + "description": "batCAVE S3 replication Terraform module", + "commits_count": 8, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 4, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 2, + "closed_pull_requests_count": 1, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 277, + "average_project_lines": 40, + "total_project_comment_lines": 23, + "average_project_comment_lines": 3, + "total_project_blank_lines": 38, + "average_blank_lines": 5, + "commits_by_month": { + "2023/10": 1, + "2023/7": 1, + "2023/5": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 6880, + "CodeBytes": 0, + "Lines": 236, + "Code": 182, + "Comment": 21, + "Blank": 33, + "Complexity": 11, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1111, + "CodeBytes": 0, + "Lines": 22, + "Code": 17, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4928.765687644769, + "estimatedScheduleMonths_low": 1.8917656142440344, + "estimatedPeople_low": 0.2538167934285363, + "estimatedCost_high": 15360.186544451048, + "estimatedScheduleMonths_high": 1.8917656142440344, + "estimatedPeople_high": 0.2538167934285363, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 4 236 33 21 182 11\n(ULOC) 134\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 7 277 38 23 216 11\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 169\nDRYness % 0.61\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,404\nEstimated Schedule Effort (organic) 1.89 months\nEstimated People Required (organic) 0.25\n───────────────────────────────────────────────────────────────────────────────\nProcessed 8724 bytes, 0.009 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-16T13:45:52Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:24Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-s3-replication", + "commit": "0c9f1b0beaa0ee420f69c701986691db4922311c" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 6880, - "CodeBytes": 0, - "Lines": 236, - "Code": 182, - "Comment": 21, - "Blank": 33, - "Complexity": 11, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1111, - "CodeBytes": 0, - "Lines": 22, - "Code": 17, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4928.765687644769, - "estimatedScheduleMonths_low": 1.8917656142440344, - "estimatedPeople_low": 0.2538167934285363, - "estimatedCost_high": 15360.186544451048, - "estimatedScheduleMonths_high": 1.8917656142440344, - "estimatedPeople_high": 0.2538167934285363, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 4 236 33 21 182 11\n(ULOC) 134\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 7 277 38 23 216 11\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 169\nDRYness % 0.61\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $5,404\nEstimated Schedule Effort (organic) 1.89 months\nEstimated People Required (organic) 0.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 8724 bytes, 0.009 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-06-16T13:45:52Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:24Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-s3-replication", - "commit": "0c9f1b0beaa0ee420f69c701986691db4922311c" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.0, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 2/8 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 7105 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.0, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 2/8 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 7105 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json index 452f3d1349..4683e08e85 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-serverless/batcave-tf-serverless_data.json @@ -1,312 +1,312 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-serverless", - "owner": "CMS-Enterprise", - "name": "batcave-tf-serverless", - "description": "batCAVE Serverless Terraform module", - "commits_count": 20, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 7, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 6, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 515, - "average_project_lines": 32, - "total_project_comment_lines": 21, - "average_project_comment_lines": 1, - "total_project_blank_lines": 72, - "average_blank_lines": 5, - "commits_by_month": { - "2023/12": 1, - "2023/10": 1, - "2023/7": 1, - "2022/10": 1, - "2022/7": 2, - "2022/6": 6, - "2022/5": 4, - "2022/4": 4 + "url": "https://github.com/CMS-Enterprise/batcave-tf-serverless", + "owner": "CMS-Enterprise", + "name": "batcave-tf-serverless", + "description": "batCAVE Serverless Terraform module", + "commits_count": 20, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 7, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 6, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 515, + "average_project_lines": 32, + "total_project_comment_lines": 21, + "average_project_comment_lines": 1, + "total_project_blank_lines": 72, + "average_blank_lines": 5, + "commits_by_month": { + "2023/12": 1, + "2023/10": 1, + "2023/7": 1, + "2022/10": 1, + "2022/7": 2, + "2022/6": 6, + "2022/5": 4, + "2022/4": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 8656, + "CodeBytes": 0, + "Lines": 292, + "Code": 237, + "Comment": 17, + "Blank": 38, + "Complexity": 25, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 9160, + "CodeBytes": 0, + "Lines": 139, + "Code": 108, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 9957.259078070247, + "estimatedScheduleMonths_low": 2.4712685852351113, + "estimatedPeople_low": 0.39252684786520087, + "estimatedCost_high": 31031.168167313142, + "estimatedScheduleMonths_high": 2.4712685852351113, + "estimatedPeople_high": 0.39252684786520087, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 8 292 38 17 237 25\n(ULOC) 194\n-------------------------------------------------------------------------------\nMarkdown 5 139 31 0 108 0\n(ULOC) 107\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 16 515 72 21 422 25\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 375\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $10,918\nEstimated Schedule Effort (organic) 2.47 months\nEstimated People Required (organic) 0.39\n───────────────────────────────────────────────────────────────────────────────\nProcessed 20525 bytes, 0.021 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-06-23T14:15:48Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:33Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-serverless", + "commit": "47acb225fd4629bc1c85e13039f148012262f014" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 8656, - "CodeBytes": 0, - "Lines": 292, - "Code": 237, - "Comment": 17, - "Blank": 38, - "Complexity": 25, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 9160, - "CodeBytes": 0, - "Lines": 139, - "Code": 108, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 9957.259078070247, - "estimatedScheduleMonths_low": 2.4712685852351113, - "estimatedPeople_low": 0.39252684786520087, - "estimatedCost_high": 31031.168167313142, - "estimatedScheduleMonths_high": 2.4712685852351113, - "estimatedPeople_high": 0.39252684786520087, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 8 292 38 17 237 25\n(ULOC) 194\n-------------------------------------------------------------------------------\nMarkdown 5 139 31 0 108 0\n(ULOC) 107\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n-------------------------------------------------------------------------------\nJSON 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 16 515 72 21 422 25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 375\nDRYness % 0.73\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $10,918\nEstimated Schedule Effort (organic) 2.47 months\nEstimated People Required (organic) 0.39\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 20525 bytes, 0.021 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-06-23T14:15:48Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:33Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-serverless", - "commit": "47acb225fd4629bc1c85e13039f148012262f014" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "1 out of 6 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 4/19 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 8881 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "1 out of 6 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 4/19 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 8881 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json index 67820cc7e1..2eb94225cb 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-sqs/batcave-tf-sqs_data.json @@ -1,291 +1,291 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-sqs", - "owner": "CMS-Enterprise", - "name": "batcave-tf-sqs", - "description": "batCAVE SQS Terraform module", - "commits_count": 4, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 8, - "total_project_lines": 124, - "average_project_lines": 21, - "total_project_comment_lines": 8, - "average_project_comment_lines": 1, - "total_project_blank_lines": 17, - "average_blank_lines": 3, - "commits_by_month": { - "2023/10": 1, - "2023/2": 3 + "url": "https://github.com/CMS-Enterprise/batcave-tf-sqs", + "owner": "CMS-Enterprise", + "name": "batcave-tf-sqs", + "description": "batCAVE SQS Terraform module", + "commits_count": 4, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 8, + "total_project_lines": 124, + "average_project_lines": 21, + "total_project_comment_lines": 8, + "average_project_comment_lines": 1, + "total_project_blank_lines": 17, + "average_blank_lines": 3, + "commits_by_month": { + "2023/10": 1, + "2023/2": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 2859, + "CodeBytes": 0, + "Lines": 83, + "Code": 65, + "Comment": 6, + "Blank": 12, + "Complexity": 3, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1111, + "CodeBytes": 0, + "Lines": 22, + "Code": 17, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 2172.5945612180244, + "estimatedScheduleMonths_low": 1.3857303316919145, + "estimatedPeople_low": 0.15273883469407568, + "estimatedCost_high": 6770.7535437164015, + "estimatedScheduleMonths_high": 1.3857303316919145, + "estimatedPeople_high": 0.15273883469407568, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 3 83 12 6 65 3\n(ULOC) 47\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 124 17 8 99 3\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 82\nDRYness % 0.66\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,382\nEstimated Schedule Effort (organic) 1.39 months\nEstimated People Required (organic) 0.15\n───────────────────────────────────────────────────────────────────────────────\nProcessed 4703 bytes, 0.005 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-02-03T15:31:43Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:18Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-sqs", + "commit": "5bcc325f5ff9248e8f596b65abae2d56541ab18f" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 2859, - "CodeBytes": 0, - "Lines": 83, - "Code": 65, - "Comment": 6, - "Blank": 12, - "Complexity": 3, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1111, - "CodeBytes": 0, - "Lines": 22, - "Code": 17, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 2172.5945612180244, - "estimatedScheduleMonths_low": 1.3857303316919145, - "estimatedPeople_low": 0.15273883469407568, - "estimatedCost_high": 6770.7535437164015, - "estimatedScheduleMonths_high": 1.3857303316919145, - "estimatedPeople_high": 0.15273883469407568, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 3 83 12 6 65 3\n(ULOC) 47\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 124 17 8 99 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 82\nDRYness % 0.66\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $2,382\nEstimated Schedule Effort (organic) 1.39 months\nEstimated People Required (organic) 0.15\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 4703 bytes, 0.005 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-02-03T15:31:43Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:18Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-sqs", - "commit": "5bcc325f5ff9248e8f596b65abae2d56541ab18f" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 1/4 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 3084 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 1/4 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 3084 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json index be4570cd0f..945b8a70e8 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt-irsa/batcave-tf-utility-belt-irsa_data.json @@ -1,293 +1,293 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-utility-belt-irsa", - "owner": "CMS-Enterprise", - "name": "batcave-tf-utility-belt-irsa", - "description": "batCAVE utility belt IRSA Terraform module", - "commits_count": 15, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 17, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 14, - "closed_pull_requests_count": 2, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 612, - "average_project_lines": 61, - "total_project_comment_lines": 8, - "average_project_comment_lines": 1, - "total_project_blank_lines": 70, - "average_blank_lines": 7, - "commits_by_month": { - "2024/4": 2, - "2024/3": 4, - "2024/2": 3, - "2024/1": 6 + "url": "https://github.com/CMS-Enterprise/batcave-tf-utility-belt-irsa", + "owner": "CMS-Enterprise", + "name": "batcave-tf-utility-belt-irsa", + "description": "batCAVE utility belt IRSA Terraform module", + "commits_count": 15, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 17, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 14, + "closed_pull_requests_count": 2, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 612, + "average_project_lines": 61, + "total_project_comment_lines": 8, + "average_project_comment_lines": 1, + "total_project_blank_lines": 70, + "average_blank_lines": 7, + "commits_by_month": { + "2024/4": 2, + "2024/3": 4, + "2024/2": 3, + "2024/1": 6 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 3863, + "CodeBytes": 0, + "Lines": 91, + "Code": 66, + "Comment": 0, + "Blank": 25, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 13317, + "CodeBytes": 0, + "Lines": 443, + "Code": 397, + "Comment": 4, + "Blank": 42, + "Complexity": 31, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 12749.115439830588, + "estimatedScheduleMonths_low": 2.7146212353623, + "estimatedPeople_low": 0.457530783510233, + "estimatedCost_high": 39731.81194704276, + "estimatedScheduleMonths_high": 2.7146212353623, + "estimatedPeople_high": 0.457530783510233, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 91 25 0 66 0\n(ULOC) 67\n-------------------------------------------------------------------------------\nTerraform 3 443 42 4 397 31\n(ULOC) 212\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 612 70 8 534 31\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 349\nDRYness % 0.57\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $13,980\nEstimated Schedule Effort (organic) 2.71 months\nEstimated People Required (organic) 0.46\n───────────────────────────────────────────────────────────────────────────────\nProcessed 19782 bytes, 0.020 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2024-01-03T18:48:01Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:28Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-utility-belt-irsa", + "commit": "fb581e0d0d143afc92680906cca820bf5a598a45" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 3863, - "CodeBytes": 0, - "Lines": 91, - "Code": 66, - "Comment": 0, - "Blank": 25, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 13317, - "CodeBytes": 0, - "Lines": 443, - "Code": 397, - "Comment": 4, - "Blank": 42, - "Complexity": 31, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 12749.115439830588, - "estimatedScheduleMonths_low": 2.7146212353623, - "estimatedPeople_low": 0.457530783510233, - "estimatedCost_high": 39731.81194704276, - "estimatedScheduleMonths_high": 2.7146212353623, - "estimatedPeople_high": 0.457530783510233, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 91 25 0 66 0\n(ULOC) 67\n-------------------------------------------------------------------------------\nTerraform 3 443 42 4 397 31\n(ULOC) 212\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 612 70 8 534 31\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 349\nDRYness % 0.57\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $13,980\nEstimated Schedule Effort (organic) 2.71 months\nEstimated People Required (organic) 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 19782 bytes, 0.020 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2024-01-03T18:48:01Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:28Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-utility-belt-irsa", - "commit": "fb581e0d0d143afc92680906cca820bf5a598a45" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "14 out of 14 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 14/15 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 13542 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 5.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "14 out of 14 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 14/15 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 13542 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json index fd3bbb8af0..f1b476ffd2 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-utility-belt/batcave-tf-utility-belt_data.json @@ -1,293 +1,293 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-utility-belt", - "owner": "CMS-Enterprise", - "name": "batcave-tf-utility-belt", - "description": "batCAVE utility belt Terraform module", - "commits_count": 12, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 8, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 7, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 267, - "average_project_lines": 27, - "total_project_comment_lines": 13, - "average_project_comment_lines": 1, - "total_project_blank_lines": 41, - "average_blank_lines": 4, - "commits_by_month": { - "2023/12": 2, - "2023/10": 3, - "2023/7": 4, - "2023/6": 3 + "url": "https://github.com/CMS-Enterprise/batcave-tf-utility-belt", + "owner": "CMS-Enterprise", + "name": "batcave-tf-utility-belt", + "description": "batCAVE utility belt Terraform module", + "commits_count": 12, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 8, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 7, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 267, + "average_project_lines": 27, + "total_project_comment_lines": 13, + "average_project_comment_lines": 1, + "total_project_blank_lines": 41, + "average_blank_lines": 4, + "commits_by_month": { + "2023/12": 2, + "2023/10": 3, + "2023/7": 4, + "2023/6": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 4875, + "CodeBytes": 0, + "Lines": 114, + "Code": 83, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 2460, + "CodeBytes": 0, + "Lines": 75, + "Code": 59, + "Comment": 9, + "Blank": 7, + "Complexity": 5, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2602, + "CodeBytes": 0, + "Lines": 78, + "Code": 71, + "Comment": 4, + "Blank": 3, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4856.912922797333, + "estimatedScheduleMonths_low": 1.8812379983363494, + "estimatedPeople_low": 0.2515162695549649, + "estimatedCost_high": 15136.261947151193, + "estimatedScheduleMonths_high": 1.8812379983363494, + "estimatedPeople_high": 0.2515162695549649, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 5 114 31 0 83 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nTerraform 3 75 7 9 59 5\n(ULOC) 57\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 267 41 13 213 5\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 211\nDRYness % 0.79\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,325\nEstimated Schedule Effort (organic) 1.88 months\nEstimated People Required (organic) 0.25\n───────────────────────────────────────────────────────────────────────────────\nProcessed 9937 bytes, 0.010 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-16T18:22:57Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:48Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-utility-belt", + "commit": "ccd00239ff8c11a099f251dfdfb8eabad146d2c7" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 4875, - "CodeBytes": 0, - "Lines": 114, - "Code": 83, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 2460, - "CodeBytes": 0, - "Lines": 75, - "Code": 59, - "Comment": 9, - "Blank": 7, - "Complexity": 5, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2602, - "CodeBytes": 0, - "Lines": 78, - "Code": 71, - "Comment": 4, - "Blank": 3, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4856.912922797333, - "estimatedScheduleMonths_low": 1.8812379983363494, - "estimatedPeople_low": 0.2515162695549649, - "estimatedCost_high": 15136.261947151193, - "estimatedScheduleMonths_high": 1.8812379983363494, - "estimatedPeople_high": 0.2515162695549649, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 5 114 31 0 83 0\n(ULOC) 84\n-------------------------------------------------------------------------------\nTerraform 3 75 7 9 59 5\n(ULOC) 57\n-------------------------------------------------------------------------------\nYAML 2 78 3 4 71 0\n(ULOC) 72\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 267 41 13 213 5\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 211\nDRYness % 0.79\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $5,325\nEstimated Schedule Effort (organic) 1.88 months\nEstimated People Required (organic) 0.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 9937 bytes, 0.010 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-06-16T18:22:57Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:48Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-utility-belt", - "commit": "ccd00239ff8c11a099f251dfdfb8eabad146d2c7" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 1, - "reason": "1 out of 7 merged PRs checked by a CI test -- score normalized to 1", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 8, - "reason": "Found 7/8 approved changesets -- score normalized to 8", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 2685 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 1, + "reason": "1 out of 7 merged PRs checked by a CI test -- score normalized to 1", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 8, + "reason": "Found 7/8 approved changesets -- score normalized to 8", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 2685 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json index a403a61436..36d62a758f 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-utilitybelt-data/batcave-tf-utilitybelt-data_data.json @@ -1,276 +1,276 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-utilitybelt-data", - "owner": "CMS-Enterprise", - "name": "batcave-tf-utilitybelt-data", - "description": "batCAVE Terraform utility belt data", - "commits_count": 3, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 2, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 7, - "total_project_lines": 42, - "average_project_lines": 11, - "total_project_comment_lines": 2, - "average_project_comment_lines": 1, - "total_project_blank_lines": 5, - "average_blank_lines": 1, - "commits_by_month": { - "2023/10": 1, - "2023/6": 2 + "url": "https://github.com/CMS-Enterprise/batcave-tf-utilitybelt-data", + "owner": "CMS-Enterprise", + "name": "batcave-tf-utilitybelt-data", + "description": "batCAVE Terraform utility belt data", + "commits_count": 3, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 2, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 7, + "total_project_lines": 42, + "average_project_lines": 11, + "total_project_comment_lines": 2, + "average_project_comment_lines": 1, + "total_project_blank_lines": 5, + "average_blank_lines": 1, + "commits_by_month": { + "2023/10": 1, + "2023/6": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 1141, + "CodeBytes": 0, + "Lines": 23, + "Code": 18, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 729.1773672687053, + "estimatedScheduleMonths_low": 0.9151734876309182, + "estimatedPeople_low": 0.07762100438902987, + "estimatedCost_high": 2272.435148076823, + "estimatedScheduleMonths_high": 0.9151734876309182, + "estimatedPeople_high": 0.07762100438902987, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 3 23 5 0 18 0\n(ULOC) 19\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 4 42 5 2 35 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 37\nDRYness % 0.88\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $799\nEstimated Schedule Effort (organic) 0.92 months\nEstimated People Required (organic) 0.08\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1874 bytes, 0.002 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-06T17:35:33Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:28Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-utilitybelt-data", + "commit": "ef0e2897d265a1b20a3b6094deb1bd9630163fb4" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 1141, - "CodeBytes": 0, - "Lines": 23, - "Code": 18, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 729.1773672687053, - "estimatedScheduleMonths_low": 0.9151734876309182, - "estimatedPeople_low": 0.07762100438902987, - "estimatedCost_high": 2272.435148076823, - "estimatedScheduleMonths_high": 0.9151734876309182, - "estimatedPeople_high": 0.07762100438902987, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 3 23 5 0 18 0\n(ULOC) 19\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 4 42 5 2 35 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 37\nDRYness % 0.88\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $799\nEstimated Schedule Effort (organic) 0.92 months\nEstimated People Required (organic) 0.08\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1874 bytes, 0.002 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-06-06T17:35:33Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:28Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-utilitybelt-data", - "commit": "ef0e2897d265a1b20a3b6094deb1bd9630163fb4" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 3, - "reason": "Found 1/3 approved changesets -- score normalized to 3", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 225 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 3, + "reason": "Found 1/3 approved changesets -- score normalized to 3", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 225 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json b/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json index 482db7f397..2c3e6f7fef 100644 --- a/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-tf-vpc/batcave-tf-vpc_data.json @@ -1,303 +1,303 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-tf-vpc", - "owner": "CMS-Enterprise", - "name": "batcave-tf-vpc", - "description": "batCAVE VPC Terraform module", - "commits_count": 26, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 32, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 25, - "closed_pull_requests_count": 5, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 6, - "total_project_lines": 429, - "average_project_lines": 72, - "total_project_comment_lines": 29, - "average_project_comment_lines": 5, - "total_project_blank_lines": 67, - "average_blank_lines": 11, - "commits_by_month": { - "2023/10": 2, - "2023/9": 1, - "2023/8": 1, - "2023/7": 1, - "2023/3": 1, - "2023/2": 1, - "2023/1": 1, - "2022/10": 1, - "2022/9": 1, - "2022/7": 2, - "2022/6": 1, - "2022/5": 6, - "2022/4": 3, - "2022/3": 4 + "url": "https://github.com/CMS-Enterprise/batcave-tf-vpc", + "owner": "CMS-Enterprise", + "name": "batcave-tf-vpc", + "description": "batCAVE VPC Terraform module", + "commits_count": 26, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 32, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 25, + "closed_pull_requests_count": 5, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 6, + "total_project_lines": 429, + "average_project_lines": 72, + "total_project_comment_lines": 29, + "average_project_comment_lines": 5, + "total_project_blank_lines": 67, + "average_blank_lines": 11, + "commits_by_month": { + "2023/10": 2, + "2023/9": 1, + "2023/8": 1, + "2023/7": 1, + "2023/3": 1, + "2023/2": 1, + "2023/1": 1, + "2022/10": 1, + "2022/9": 1, + "2022/7": 2, + "2022/6": 1, + "2022/5": 6, + "2022/4": 3, + "2022/3": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Terraform", + "Bytes": 11703, + "CodeBytes": 0, + "Lines": 388, + "Code": 299, + "Comment": 27, + "Blank": 62, + "Complexity": 78, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 1111, + "CodeBytes": 0, + "Lines": 22, + "Code": 17, + "Comment": 0, + "Blank": 5, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 733, + "CodeBytes": 0, + "Lines": 19, + "Code": 17, + "Comment": 2, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 7764.7625413905025, + "estimatedScheduleMonths_low": 2.2484101113275097, + "estimatedPeople_low": 0.3364357647628407, + "estimatedCost_high": 24198.391375776013, + "estimatedScheduleMonths_high": 2.2484101113275097, + "estimatedPeople_high": 0.3364357647628407, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 3 388 62 27 299 78\n(ULOC) 211\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 429 67 29 333 78\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 246\nDRYness % 0.57\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,514\nEstimated Schedule Effort (organic) 2.25 months\nEstimated People Required (organic) 0.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 13547 bytes, 0.014 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-03-10T14:25:02Z", + "ossf_scorecard": { + "date": "2025-01-19T13:36:41Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-tf-vpc", + "commit": "2fa49e15c2271d880c2cc1b85e8e0ccae24831b1" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Terraform", - "Bytes": 11703, - "CodeBytes": 0, - "Lines": 388, - "Code": 299, - "Comment": 27, - "Blank": 62, - "Complexity": 78, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 1111, - "CodeBytes": 0, - "Lines": 22, - "Code": 17, - "Comment": 0, - "Blank": 5, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 733, - "CodeBytes": 0, - "Lines": 19, - "Code": 17, - "Comment": 2, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 7764.7625413905025, - "estimatedScheduleMonths_low": 2.2484101113275097, - "estimatedPeople_low": 0.3364357647628407, - "estimatedCost_high": 24198.391375776013, - "estimatedScheduleMonths_high": 2.2484101113275097, - "estimatedPeople_high": 0.3364357647628407, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTerraform 3 388 62 27 299 78\n(ULOC) 211\n-------------------------------------------------------------------------------\nMarkdown 2 22 5 0 17 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 1 19 0 2 17 0\n(ULOC) 19\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 429 67 29 333 78\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 246\nDRYness % 0.57\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $8,514\nEstimated Schedule Effort (organic) 2.25 months\nEstimated People Required (organic) 0.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 13547 bytes, 0.014 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-03-10T14:25:02Z", - "ossf_scorecard": { - "date": "2025-01-19T13:36:41Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-tf-vpc", - "commit": "2fa49e15c2271d880c2cc1b85e8e0ccae24831b1" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 25 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 24/26 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HCL": 11928 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 25 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 24/26 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HCL": 11928 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json b/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json index 82191a3e68..b6d0fa69f6 100644 --- a/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-workflow-engine/batcave-workflow-engine_data.json @@ -1,361 +1,361 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-workflow-engine", - "owner": "CMS-Enterprise", - "name": "batcave-workflow-engine", - "description": "batCAVE workflow engine", - "commits_count": 226, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 41, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 35, - "closed_pull_requests_count": 6, - "forks_count": 1, - "stargazers_count": 3, - "watchers_count": 8, - "total_project_lines": 6870, - "average_project_lines": 103, - "total_project_comment_lines": 387, - "average_project_comment_lines": 6, - "total_project_blank_lines": 1194, - "average_blank_lines": 18, - "commits_by_month": { - "2024/6": 11, - "2024/5": 4, - "2024/4": 4, - "2024/3": 11 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Go", - "Bytes": 147215, - "CodeBytes": 0, - "Lines": 5234, - "Code": 4121, - "Comment": 347, - "Blank": 766, - "Complexity": 432, - "Count": 35, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 50773, - "CodeBytes": 0, - "Lines": 1213, - "Code": 849, - "Comment": 0, - "Blank": 364, - "Complexity": 0, - "Count": 20, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 9867, - "CodeBytes": 0, - "Lines": 312, - "Code": 254, - "Comment": 28, - "Blank": 30, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 2639, - "CodeBytes": 0, - "Lines": 92, - "Code": 49, - "Comment": 12, - "Blank": 31, - "Complexity": 10, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 121, - "CodeBytes": 0, - "Lines": 12, - "Code": 9, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 209985, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 113, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 141613.27907495655, - "estimatedScheduleMonths_low": 6.777138072996301, - "estimatedPeople_low": 2.035668954266601, - "estimatedCost_high": 441328.8278676867, - "estimatedScheduleMonths_high": 6.777138072996301, - "estimatedPeople_high": 2.035668954266601, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nGo 35 5234 766 347 4121 432\n(ULOC) 2553\n-------------------------------------------------------------------------------\nMarkdown 20 1213 364 0 849 0\n(ULOC) 703\n-------------------------------------------------------------------------------\nYAML 7 312 30 28 254 0\n(ULOC) 240\n-------------------------------------------------------------------------------\nDockerfile 2 92 31 12 49 10\n(ULOC) 61\n-------------------------------------------------------------------------------\nHTML 1 12 3 0 9 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nJSON 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nTOML 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 67 6870 1194 387 5289 442\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3563\nDRYness % 0.52\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $155,287\nEstimated Schedule Effort (organic) 6.78 months\nEstimated People Required (organic) 2.04\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 420713 bytes, 0.421 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-12-07T14:46:50Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:10Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-workflow-engine", - "commit": "5afd98e6e2ca1cabd01e1018692532cda810c044" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 7, - "reason": "6 out of 8 merged PRs checked by a CI test -- score normalized to 7", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 6/29 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 7, - "reason": "SAST tool is not run on all commits -- score normalized to 7", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": 0, - "reason": "Project has not signed or included provenance with any releases.", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 6, - "reason": "4 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "url": "https://github.com/CMS-Enterprise/batcave-workflow-engine", + "owner": "CMS-Enterprise", + "name": "batcave-workflow-engine", + "description": "batCAVE workflow engine", + "commits_count": 226, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 41, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 35, + "closed_pull_requests_count": 6, + "forks_count": 1, + "stargazers_count": 3, + "watchers_count": 8, + "total_project_lines": 6870, + "average_project_lines": 103, + "total_project_comment_lines": 387, + "average_project_comment_lines": 6, + "total_project_blank_lines": 1194, + "average_blank_lines": 18, + "commits_by_month": { + "2024/6": 11, + "2024/5": 4, + "2024/4": 4, + "2024/3": 11 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Go", + "Bytes": 147215, + "CodeBytes": 0, + "Lines": 5234, + "Code": 4121, + "Comment": 347, + "Blank": 766, + "Complexity": 432, + "Count": 35, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 50773, + "CodeBytes": 0, + "Lines": 1213, + "Code": 849, + "Comment": 0, + "Blank": 364, + "Complexity": 0, + "Count": 20, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 9867, + "CodeBytes": 0, + "Lines": 312, + "Code": 254, + "Comment": 28, + "Blank": 30, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 2639, + "CodeBytes": 0, + "Lines": 92, + "Code": 49, + "Comment": 12, + "Blank": 31, + "Complexity": 10, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 121, + "CodeBytes": 0, + "Lines": 12, + "Code": 9, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 209985, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 113, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 141613.27907495655, + "estimatedScheduleMonths_low": 6.777138072996301, + "estimatedPeople_low": 2.035668954266601, + "estimatedCost_high": 441328.8278676867, + "estimatedScheduleMonths_high": 6.777138072996301, + "estimatedPeople_high": 2.035668954266601, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGo 35 5234 766 347 4121 432\n(ULOC) 2553\n-------------------------------------------------------------------------------\nMarkdown 20 1213 364 0 849 0\n(ULOC) 703\n-------------------------------------------------------------------------------\nYAML 7 312 30 28 254 0\n(ULOC) 240\n-------------------------------------------------------------------------------\nDockerfile 2 92 31 12 49 10\n(ULOC) 61\n-------------------------------------------------------------------------------\nHTML 1 12 3 0 9 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nJSON 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nTOML 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 67 6870 1194 387 5289 442\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3563\nDRYness % 0.52\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $155,287\nEstimated Schedule Effort (organic) 6.78 months\nEstimated People Required (organic) 2.04\n───────────────────────────────────────────────────────────────────────────────\nProcessed 420713 bytes, 0.421 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-12-07T14:46:50Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:10Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-workflow-engine", + "commit": "5afd98e6e2ca1cabd01e1018692532cda810c044" }, - "predominant_langs": { - "Go": 147215, - "Dockerfile": 2639, - "Just": 1368, - "HTML": 121 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "average_issue_resolution_time": [ - [ - "batcave-workflow-engine", - "7 days 06:43:47" - ] + "score": 4.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 7, + "reason": "6 out of 8 merged PRs checked by a CI test -- score normalized to 7", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 6/29 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 7, + "reason": "SAST tool is not run on all commits -- score normalized to 7", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": 0, + "reason": "Project has not signed or included provenance with any releases.", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 6, + "reason": "4 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } ], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "metadata": null + }, + "predominant_langs": { + "Go": 147215, + "Dockerfile": 2639, + "Just": 1368, + "HTML": 121 + }, + "average_issue_resolution_time": [ + [ + "batcave-workflow-engine", + "7 days 06:43:47" + ] + ], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json b/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json index 691cd05d35..b036fec007 100644 --- a/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json +++ b/app/site/_data/CMS-Enterprise/batcave-wt-sdl-reporting/batcave-wt-sdl-reporting_data.json @@ -1,464 +1,464 @@ { - "url": "https://github.com/CMS-Enterprise/batcave-wt-sdl-reporting", - "owner": "CMS-Enterprise", - "name": "batcave-wt-sdl-reporting", - "description": "batCAVE Security Data Lake daily reporting automation", - "commits_count": 22, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 8, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 7, - "closed_pull_requests_count": 0, - "forks_count": 2, - "stargazers_count": 0, - "watchers_count": 7, - "total_project_lines": 1468, - "average_project_lines": 77, - "total_project_comment_lines": 56, - "average_project_comment_lines": 3, - "total_project_blank_lines": 132, - "average_blank_lines": 7, - "commits_by_month": { - "2024/5": 2, - "2024/4": 1, - "2024/3": 4, - "2024/2": 2, - "2024/1": 11, - "2023/12": 2 + "url": "https://github.com/CMS-Enterprise/batcave-wt-sdl-reporting", + "owner": "CMS-Enterprise", + "name": "batcave-wt-sdl-reporting", + "description": "batCAVE Security Data Lake daily reporting automation", + "commits_count": 22, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 8, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 7, + "closed_pull_requests_count": 0, + "forks_count": 2, + "stargazers_count": 0, + "watchers_count": 7, + "total_project_lines": 1468, + "average_project_lines": 77, + "total_project_comment_lines": 56, + "average_project_comment_lines": 3, + "total_project_blank_lines": 132, + "average_blank_lines": 7, + "commits_by_month": { + "2024/5": 2, + "2024/4": 1, + "2024/3": 4, + "2024/2": 2, + "2024/1": 11, + "2023/12": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Python", + "Bytes": 15547, + "CodeBytes": 0, + "Lines": 478, + "Code": 368, + "Comment": 24, + "Blank": 86, + "Complexity": 20, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 3843, + "CodeBytes": 0, + "Lines": 119, + "Code": 119, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 4096, + "CodeBytes": 0, + "Lines": 86, + "Code": 59, + "Comment": 0, + "Blank": 27, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 4331, + "CodeBytes": 0, + "Lines": 111, + "Code": 73, + "Comment": 23, + "Blank": 15, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CloudFormation (YAML)", + "Bytes": 19828, + "CodeBytes": 0, + "Lines": 621, + "Code": 621, + "Comment": 0, + "Blank": 0, + "Complexity": 75, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 638, + "CodeBytes": 0, + "Lines": 34, + "Code": 28, + "Comment": 5, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 138, + "CodeBytes": 0, + "Lines": 7, + "Code": 4, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 157, + "CodeBytes": 0, + "Lines": 8, + "Code": 4, + "Comment": 4, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 63, + "CodeBytes": 0, + "Lines": 4, + "Code": 4, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 31925.09525993872, + "estimatedScheduleMonths_low": 3.8476632776381665, + "estimatedPeople_low": 0.8083224696466932, + "estimatedCost_high": 99492.54026647726, + "estimatedScheduleMonths_high": 3.8476632776381665, + "estimatedPeople_high": 0.8083224696466932, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPython 5 478 86 24 368 20\n(ULOC) 307\n-------------------------------------------------------------------------------\nJSON 3 119 0 0 119 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nMarkdown 3 86 27 0 59 0\n(ULOC) 60\n-------------------------------------------------------------------------------\nTypeScript 3 111 15 23 73 0\n(ULOC) 91\n-------------------------------------------------------------------------------\nCloudFormation (YAM… 1 621 0 0 621 75\n(ULOC) 372\n-------------------------------------------------------------------------------\nDocker ignore 1 34 1 5 28 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nDockerfile 1 7 3 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nJavaScript 1 8 0 4 4 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nPlain Text 1 4 0 0 4 0\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 19 1468 132 56 1280 95\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 977\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $35,007\nEstimated Schedule Effort (organic) 3.85 months\nEstimated People Required (organic) 0.81\n───────────────────────────────────────────────────────────────────────────────\nProcessed 48641 bytes, 0.049 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-12-08T19:56:33Z", + "ossf_scorecard": { + "date": "2025-01-19T13:35:23Z", + "repo": { + "name": "github.com/CMS-Enterprise/batcave-wt-sdl-reporting", + "commit": "5ce92bbf0b439b4e6ee03ac0f0ce61636cc6cd58" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Python", - "Bytes": 15547, - "CodeBytes": 0, - "Lines": 478, - "Code": 368, - "Comment": 24, - "Blank": 86, - "Complexity": 20, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 3843, - "CodeBytes": 0, - "Lines": 119, - "Code": 119, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 4096, - "CodeBytes": 0, - "Lines": 86, - "Code": 59, - "Comment": 0, - "Blank": 27, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 4331, - "CodeBytes": 0, - "Lines": 111, - "Code": 73, - "Comment": 23, - "Blank": 15, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CloudFormation (YAML)", - "Bytes": 19828, - "CodeBytes": 0, - "Lines": 621, - "Code": 621, - "Comment": 0, - "Blank": 0, - "Complexity": 75, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 638, - "CodeBytes": 0, - "Lines": 34, - "Code": 28, - "Comment": 5, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 138, - "CodeBytes": 0, - "Lines": 7, - "Code": 4, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 157, - "CodeBytes": 0, - "Lines": 8, - "Code": 4, - "Comment": 4, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 63, - "CodeBytes": 0, - "Lines": 4, - "Code": 4, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 31925.09525993872, - "estimatedScheduleMonths_low": 3.8476632776381665, - "estimatedPeople_low": 0.8083224696466932, - "estimatedCost_high": 99492.54026647726, - "estimatedScheduleMonths_high": 3.8476632776381665, - "estimatedPeople_high": 0.8083224696466932, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPython 5 478 86 24 368 20\n(ULOC) 307\n-------------------------------------------------------------------------------\nJSON 3 119 0 0 119 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nMarkdown 3 86 27 0 59 0\n(ULOC) 60\n-------------------------------------------------------------------------------\nTypeScript 3 111 15 23 73 0\n(ULOC) 91\n-------------------------------------------------------------------------------\nCloudFormation (YAM\u2026 1 621 0 0 621 75\n(ULOC) 372\n-------------------------------------------------------------------------------\nDocker ignore 1 34 1 5 28 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nDockerfile 1 7 3 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nJavaScript 1 8 0 4 4 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nPlain Text 1 4 0 0 4 0\n(ULOC) 4\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 19 1468 132 56 1280 95\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 977\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $35,007\nEstimated Schedule Effort (organic) 3.85 months\nEstimated People Required (organic) 0.81\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 48641 bytes, 0.049 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-12-08T19:56:33Z", - "ossf_scorecard": { - "date": "2025-01-19T13:35:23Z", - "repo": { - "name": "github.com/CMS-Enterprise/batcave-wt-sdl-reporting", - "commit": "5ce92bbf0b439b4e6ee03ac0f0ce61636cc6cd58" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 7, - "reason": "5 out of 7 merged PRs checked by a CI test -- score normalized to 7", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 1, - "reason": "Found 2/11 approved changesets -- score normalized to 1", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 6, - "reason": "SAST tool is not run on all commits -- score normalized to 6", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 2, - "reason": "8 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "Python": 15547, - "TypeScript": 3399, - "JavaScript": 1089, - "Dockerfile": 138 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [ - [ - "@aws-cdk/aws-lambda-python-alpha", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "@types/jest", - 0.9232876712, - "2024-11-07T21:26:13.000" - ], - [ - "@types/node", - 1.2054794521, - "2024-11-07T21:26:13.000" - ], - [ - "aws-cdk", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "aws-cdk-lib", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "constructs", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "jest", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "pandas", - 0.0, - "2025-01-02T18:02:45.000" - ], - [ - "slack_sdk", - 0.0, - "2025-01-02T18:02:45.000" - ], - [ - "slackblocks", - 0.0, - "2025-01-02T18:02:45.000" - ], - [ - "snowflake-connector-python", - 0.0, - "2025-01-02T18:02:45.000" - ], - [ - "source-map-support", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "ts-jest", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "ts-node", - 0.0, - "2024-11-07T21:26:13.000" - ], - [ - "typescript", - 1.2794520548, - "2024-11-07T21:26:13.000" - ] + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 7, + "reason": "5 out of 7 merged PRs checked by a CI test -- score normalized to 7", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 1, + "reason": "Found 2/11 approved changesets -- score normalized to 1", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 6, + "reason": "SAST tool is not run on all commits -- score normalized to 6", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 2, + "reason": "8 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Python": 15547, + "TypeScript": 3399, + "JavaScript": 1089, + "Dockerfile": 138 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [ + [ + "@aws-cdk/aws-lambda-python-alpha", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "@types/jest", + 0.9232876712, + "2024-11-07T21:26:13.000" + ], + [ + "@types/node", + 1.2054794521, + "2024-11-07T21:26:13.000" + ], + [ + "aws-cdk", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "aws-cdk-lib", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "constructs", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "jest", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "pandas", + 0.0, + "2025-01-02T18:02:45.000" + ], + [ + "slack_sdk", + 0.0, + "2025-01-02T18:02:45.000" + ], + [ + "slackblocks", + 0.0, + "2025-01-02T18:02:45.000" + ], + [ + "snowflake-connector-python", + 0.0, + "2025-01-02T18:02:45.000" + ], + [ + "source-map-support", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "ts-jest", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "ts-node", + 0.0, + "2024-11-07T21:26:13.000" + ], + [ + "typescript", + 1.2794520548, + "2024-11-07T21:26:13.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json index 61bd57f6d4..d2399fe8f0 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay/cms-ars-5.0-apache-2.4-unix-server-stig-overlay_data.json @@ -1,59 +1,59 @@ { - "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay", - "owner": "CMS-Enterprise", - "name": "cms-ars-5.0-apache-2.4-unix-server-stig-overlay", - "description": null, - "commits_count": null, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 0, - "average_project_lines": 0, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 0, - "average_blank_lines": 0, - "commits_by_month": {}, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": null, - "estimatedCost_low": null, - "estimatedScheduleMonths_low": null, - "estimatedPeople_low": null, - "estimatedCost_high": null, - "estimatedScheduleMonths_high": null, - "estimatedPeople_high": null, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 0 0 0 0 0 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 0\nDRYness % NaN\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $0\nEstimated Schedule Effort (organic) 0.00 months\nEstimated People Required 1 Grandparent\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 0 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay", + "owner": "CMS-Enterprise", + "name": "cms-ars-5.0-apache-2.4-unix-server-stig-overlay", + "description": null, + "commits_count": null, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 0, + "average_project_lines": 0, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 0, + "average_blank_lines": 0, + "commits_by_month": {}, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": null, + "estimatedCost_low": null, + "estimatedScheduleMonths_low": null, + "estimatedPeople_low": null, + "estimatedCost_high": null, + "estimatedScheduleMonths_high": null, + "estimatedPeople_high": null, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\n───────────────────────────────────────────────────────────────────────────────\nTotal 0 0 0 0 0 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 0\nDRYness % NaN\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $0\nEstimated Schedule Effort (organic) 0.00 months\nEstimated People Required 1 Grandparent\n───────────────────────────────────────────────────────────────────────────────\nProcessed 0 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-11-04T16:30:37Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:45Z", + "repo": { + "name": "github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay", + "commit": "HEAD" }, - "created_at": "2022-11-04T16:30:37Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:45Z", - "repo": { - "name": "github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-server-stig-overlay", - "commit": "HEAD" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": -1.0, - "checks": null, - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": -1.0, + "checks": null, + "metadata": null + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json index b9660e628a..0800ddaf68 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay/cms-ars-5.0-apache-2.4-unix-site-stig-overlay_data.json @@ -1,59 +1,59 @@ { - "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay", - "owner": "CMS-Enterprise", - "name": "cms-ars-5.0-apache-2.4-unix-site-stig-overlay", - "description": null, - "commits_count": null, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 0, - "average_project_lines": 0, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 0, - "average_blank_lines": 0, - "commits_by_month": {}, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": null, - "estimatedCost_low": null, - "estimatedScheduleMonths_low": null, - "estimatedPeople_low": null, - "estimatedCost_high": null, - "estimatedScheduleMonths_high": null, - "estimatedPeople_high": null, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 0 0 0 0 0 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 0\nDRYness % NaN\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $0\nEstimated Schedule Effort (organic) 0.00 months\nEstimated People Required 1 Grandparent\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 0 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay", + "owner": "CMS-Enterprise", + "name": "cms-ars-5.0-apache-2.4-unix-site-stig-overlay", + "description": null, + "commits_count": null, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 0, + "average_project_lines": 0, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 0, + "average_blank_lines": 0, + "commits_by_month": {}, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": null, + "estimatedCost_low": null, + "estimatedScheduleMonths_low": null, + "estimatedPeople_low": null, + "estimatedCost_high": null, + "estimatedScheduleMonths_high": null, + "estimatedPeople_high": null, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\n───────────────────────────────────────────────────────────────────────────────\nTotal 0 0 0 0 0 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 0\nDRYness % NaN\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $0\nEstimated Schedule Effort (organic) 0.00 months\nEstimated People Required 1 Grandparent\n───────────────────────────────────────────────────────────────────────────────\nProcessed 0 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-11-04T16:31:14Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:45Z", + "repo": { + "name": "github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay", + "commit": "HEAD" }, - "created_at": "2022-11-04T16:31:14Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:45Z", - "repo": { - "name": "github.com/CMS-Enterprise/cms-ars-5.0-apache-2.4-unix-site-stig-overlay", - "commit": "HEAD" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": -1.0, - "checks": null, - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": -1.0, + "checks": null, + "metadata": null + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json index 693f71d13f..86216f88e3 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay_data.json @@ -1,259 +1,259 @@ { - "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", - "owner": "CMS-Enterprise", - "name": "cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", - "description": null, - "commits_count": 2, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 1, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 1, - "average_project_lines": 1, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 0, - "average_blank_lines": 0, - "commits_by_month": { - "2023/4": 1, - "2023/2": 1 + "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", + "owner": "CMS-Enterprise", + "name": "cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", + "description": null, + "commits_count": 2, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 1, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 1, + "average_project_lines": 1, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 0, + "average_blank_lines": 0, + "commits_by_month": { + "2023/4": 1, + "2023/2": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 344, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 17.44061253011111, + "estimatedScheduleMonths_low": 0.2215237428056705, + "estimatedPeople_low": 0.007669922244011662, + "estimatedCost_high": 54.35256591392355, + "estimatedScheduleMonths_high": 0.2215237428056705, + "estimatedPeople_high": 0.007669922244011662, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 1 1 0 0 1 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 1 1 0 0 1 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2\nDRYness % 2.00\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $19\nEstimated Schedule Effort (organic) 0.22 months\nEstimated People Required (organic) 0.01\n───────────────────────────────────────────────────────────────────────────────\nProcessed 344 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-11-04T16:29:55Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:42Z", + "repo": { + "name": "github.com/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", + "commit": "7fbd1e2a35302220614d33e7c9b1128412310633" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 344, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 17.44061253011111, - "estimatedScheduleMonths_low": 0.2215237428056705, - "estimatedPeople_low": 0.007669922244011662, - "estimatedCost_high": 54.35256591392355, - "estimatedScheduleMonths_high": 0.2215237428056705, - "estimatedPeople_high": 0.007669922244011662, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 1 1 0 0 1 0\n(ULOC) 2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1 1 0 0 1 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2\nDRYness % 2.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $19\nEstimated Schedule Effort (organic) 0.22 months\nEstimated People Required (organic) 0.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 344 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-11-04T16:29:55Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:42Z", - "repo": { - "name": "github.com/CMS-Enterprise/cms-ars-5.0-aws-rds-oracle-mysql-8-stig-overlay", - "commit": "7fbd1e2a35302220614d33e7c9b1128412310633" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/2 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/2 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json index cbdd6c07c7..ba4b782f51 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay_data.json @@ -1,258 +1,258 @@ { - "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", - "owner": "CMS-Enterprise", - "name": "cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", - "description": "Work in Progress", - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 1, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 1, - "average_project_lines": 1, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 0, - "average_blank_lines": 0, - "commits_by_month": { - "2023/4": 1 + "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", + "owner": "CMS-Enterprise", + "name": "cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", + "description": "Work in Progress", + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 1, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 1, + "average_project_lines": 1, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 0, + "average_blank_lines": 0, + "commits_by_month": { + "2023/4": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 57, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 17.44061253011111, + "estimatedScheduleMonths_low": 0.2215237428056705, + "estimatedPeople_low": 0.007669922244011662, + "estimatedCost_high": 54.35256591392355, + "estimatedScheduleMonths_high": 0.2215237428056705, + "estimatedPeople_high": 0.007669922244011662, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 1 1 0 0 1 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 1 1 0 0 1 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2\nDRYness % 2.00\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $19\nEstimated Schedule Effort (organic) 0.22 months\nEstimated People Required (organic) 0.01\n───────────────────────────────────────────────────────────────────────────────\nProcessed 57 bytes, 0.000 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-10-24T17:53:01Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:38Z", + "repo": { + "name": "github.com/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", + "commit": "dda28aa1dde26b2d92741d3fc5fe97321760e096" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 57, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 17.44061253011111, - "estimatedScheduleMonths_low": 0.2215237428056705, - "estimatedPeople_low": 0.007669922244011662, - "estimatedCost_high": 54.35256591392355, - "estimatedScheduleMonths_high": 0.2215237428056705, - "estimatedPeople_high": 0.007669922244011662, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 1 1 0 0 1 0\n(ULOC) 2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 1 1 0 0 1 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2\nDRYness % 2.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $19\nEstimated Schedule Effort (organic) 0.22 months\nEstimated People Required (organic) 0.01\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 57 bytes, 0.000 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-10-24T17:53:01Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:38Z", - "repo": { - "name": "github.com/CMS-Enterprise/cms-ars-5.0-microsoft-windows-server-2016-stig-overlay", - "commit": "dda28aa1dde26b2d92741d3fc5fe97321760e096" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json b/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json index 34babefd2f..7a4d6b8066 100644 --- a/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json +++ b/app/site/_data/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay_data.json @@ -1,293 +1,293 @@ { - "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", - "owner": "CMS-Enterprise", - "name": "cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", - "description": null, - "commits_count": 39, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 1, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 1, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 5, - "total_project_lines": 670, - "average_project_lines": 168, - "total_project_comment_lines": 25, - "average_project_comment_lines": 6, - "total_project_blank_lines": 114, - "average_blank_lines": 29, - "commits_by_month": { - "2023/8": 8, - "2023/7": 16, - "2023/6": 3, - "2023/5": 3 + "url": "https://github.com/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", + "owner": "CMS-Enterprise", + "name": "cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", + "description": null, + "commits_count": 39, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 1, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 1, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 5, + "total_project_lines": 670, + "average_project_lines": 168, + "total_project_comment_lines": 25, + "average_project_comment_lines": 6, + "total_project_blank_lines": 114, + "average_blank_lines": 29, + "commits_by_month": { + "2023/8": 8, + "2023/7": 16, + "2023/6": 3, + "2023/5": 3 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11596, + "CodeBytes": 0, + "Lines": 267, + "Code": 189, + "Comment": 0, + "Blank": 78, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby", + "Bytes": 3012, + "CodeBytes": 0, + "Lines": 87, + "Code": 67, + "Comment": 7, + "Blank": 13, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 14342, + "CodeBytes": 0, + "Lines": 316, + "Code": 275, + "Comment": 18, + "Blank": 23, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 12673.920564991191, + "estimatedScheduleMonths_low": 2.7085259099450014, + "estimatedPeople_low": 0.45585581004932296, + "estimatedCost_high": 39497.4718753256, + "estimatedScheduleMonths_high": 2.7085259099450014, + "estimatedPeople_high": 0.45585581004932296, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 2 267 78 0 189 0\n(ULOC) 171\n-------------------------------------------------------------------------------\nRuby 1 87 13 7 67 0\n(ULOC) 58\n-------------------------------------------------------------------------------\nYAML 1 316 23 18 275 0\n(ULOC) 166\n───────────────────────────────────────────────────────────────────────────────\nTotal 4 670 114 25 531 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 393\nDRYness % 0.59\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $13,897\nEstimated Schedule Effort (organic) 2.71 months\nEstimated People Required (organic) 0.46\n───────────────────────────────────────────────────────────────────────────────\nProcessed 28950 bytes, 0.029 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2022-10-24T17:52:10Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:31Z", + "repo": { + "name": "github.com/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", + "commit": "8db3caef3b69c88b41582b0a5376d6db8a40c853" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11596, - "CodeBytes": 0, - "Lines": 267, - "Code": 189, - "Comment": 0, - "Blank": 78, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby", - "Bytes": 3012, - "CodeBytes": 0, - "Lines": 87, - "Code": 67, - "Comment": 7, - "Blank": 13, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 14342, - "CodeBytes": 0, - "Lines": 316, - "Code": 275, - "Comment": 18, - "Blank": 23, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 12673.920564991191, - "estimatedScheduleMonths_low": 2.7085259099450014, - "estimatedPeople_low": 0.45585581004932296, - "estimatedCost_high": 39497.4718753256, - "estimatedScheduleMonths_high": 2.7085259099450014, - "estimatedPeople_high": 0.45585581004932296, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 2 267 78 0 189 0\n(ULOC) 171\n-------------------------------------------------------------------------------\nRuby 1 87 13 7 67 0\n(ULOC) 58\n-------------------------------------------------------------------------------\nYAML 1 316 23 18 275 0\n(ULOC) 166\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 4 670 114 25 531 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 393\nDRYness % 0.59\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $13,897\nEstimated Schedule Effort (organic) 2.71 months\nEstimated People Required (organic) 0.46\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 28950 bytes, 0.029 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2022-10-24T17:52:10Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:31Z", - "repo": { - "name": "github.com/CMS-Enterprise/cms-ars-5.0-red-hat-enterprise-linux-7-stig-overlay", - "commit": "8db3caef3b69c88b41582b0a5376d6db8a40c853" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 10, - "reason": "all changesets reviewed", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "Ruby": 3012 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 10, + "reason": "all changesets reviewed", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Ruby": 3012 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json b/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json index 9412da40cd..dee4b758b8 100644 --- a/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json +++ b/app/site/_data/CMS-Enterprise/test_05152023/test_05152023_data.json @@ -1,274 +1,274 @@ { - "url": "https://github.com/CMS-Enterprise/test_05152023", - "owner": "CMS-Enterprise", - "name": "test_05152023", - "description": null, - "commits_count": 3, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 0, - "watchers_count": 3, - "total_project_lines": 37, - "average_project_lines": 19, - "total_project_comment_lines": 11, - "average_project_comment_lines": 6, - "total_project_blank_lines": 7, - "average_blank_lines": 4, - "commits_by_month": { - "2024/5": 2, - "2023/5": 1 + "url": "https://github.com/CMS-Enterprise/test_05152023", + "owner": "CMS-Enterprise", + "name": "test_05152023", + "description": null, + "commits_count": 3, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 0, + "watchers_count": 3, + "total_project_lines": 37, + "average_project_lines": 19, + "total_project_comment_lines": 11, + "average_project_comment_lines": 6, + "total_project_blank_lines": 7, + "average_blank_lines": 4, + "commits_by_month": { + "2024/5": 2, + "2023/5": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 26645, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 1140, + "CodeBytes": 0, + "Lines": 36, + "Code": 18, + "Comment": 11, + "Blank": 7, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 383.93085379381745, + "estimatedScheduleMonths_low": 0.7172044363929796, + "estimatedPeople_low": 0.05215062953985707, + "estimatedCost_high": 1196.496224039699, + "estimatedScheduleMonths_high": 0.7172044363929796, + "estimatedPeople_high": 0.05215062953985707, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nYAML 1 36 7 11 18 0\n(ULOC) 29\n───────────────────────────────────────────────────────────────────────────────\nTotal 2 37 7 11 19 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 30\nDRYness % 0.81\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $421\nEstimated Schedule Effort (organic) 0.72 months\nEstimated People Required (organic) 0.05\n───────────────────────────────────────────────────────────────────────────────\nProcessed 27785 bytes, 0.028 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-05-15T16:38:05Z", + "ossf_scorecard": { + "date": "2025-01-19T13:37:40Z", + "repo": { + "name": "github.com/CMS-Enterprise/test_05152023", + "commit": "4c6e4fbc20b6e193ea435fc1086513313b9ac8e9" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 26645, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 1140, - "CodeBytes": 0, - "Lines": 36, - "Code": 18, - "Comment": 11, - "Blank": 7, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 383.93085379381745, - "estimatedScheduleMonths_low": 0.7172044363929796, - "estimatedPeople_low": 0.05215062953985707, - "estimatedCost_high": 1196.496224039699, - "estimatedScheduleMonths_high": 0.7172044363929796, - "estimatedPeople_high": 0.05215062953985707, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nYAML 1 36 7 11 18 0\n(ULOC) 29\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 2 37 7 11 19 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 30\nDRYness % 0.81\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $421\nEstimated Schedule Effort (organic) 0.72 months\nEstimated People Required (organic) 0.05\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 27785 bytes, 0.028 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-05-15T16:38:05Z", - "ossf_scorecard": { - "date": "2025-01-19T13:37:40Z", - "repo": { - "name": "github.com/CMS-Enterprise/test_05152023", - "commit": "4c6e4fbc20b6e193ea435fc1086513313b9ac8e9" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/3 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 0, - "reason": "license file not detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 0, - "reason": "security policy file not detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 2.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/3 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 0, + "reason": "license file not detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 0, + "reason": "security policy file not detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +}