diff --git a/app/site/_data/DSACMS/.github/.github_data.json b/app/site/_data/DSACMS/.github/.github_data.json index fee051fc5f..d2e43b8eec 100644 --- a/app/site/_data/DSACMS/.github/.github_data.json +++ b/app/site/_data/DSACMS/.github/.github_data.json @@ -1,342 +1,342 @@ { - "url": "https://github.com/DSACMS/.github", - "owner": "DSACMS", - "name": ".github", - "description": "Template repo for CMS Open Source Projects", - "commits_count": 47, - "issues_count": 3, - "open_issues_count": 1, - "closed_issues_count": 2, - "pull_requests_count": 6, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 5, - "closed_pull_requests_count": 1, - "forks_count": 2, - "stargazers_count": 3, - "watchers_count": 2, - "total_project_lines": 1256, - "average_project_lines": 55, - "total_project_comment_lines": 66, - "average_project_comment_lines": 3, - "total_project_blank_lines": 309, - "average_blank_lines": 13, - "commits_by_month": { - "2025/1": 3, - "2024/12": 5, - "2024/8": 9, - "2024/7": 1, - "2024/6": 3, - "2024/5": 1, - "2023/12": 2, - "2023/6": 3, - "2023/5": 2, - "2023/4": 1 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-16T00:00:00.000Z", - 1 - ], - [ - "2024-12-05T00:00:00.000Z", - 1 - ], - [ - "2024-12-17T00:00:00.000Z", - 1 - ] + "url": "https://github.com/DSACMS/.github", + "owner": "DSACMS", + "name": ".github", + "description": "Template repo for CMS Open Source Projects", + "commits_count": 47, + "issues_count": 3, + "open_issues_count": 1, + "closed_issues_count": 2, + "pull_requests_count": 6, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 5, + "closed_pull_requests_count": 1, + "forks_count": 2, + "stargazers_count": 3, + "watchers_count": 2, + "total_project_lines": 1256, + "average_project_lines": 55, + "total_project_comment_lines": 66, + "average_project_comment_lines": 3, + "total_project_blank_lines": 309, + "average_blank_lines": 13, + "commits_by_month": { + "2025/1": 3, + "2024/12": 5, + "2024/8": 9, + "2024/7": 1, + "2024/6": 3, + "2024/5": 1, + "2023/12": 2, + "2023/6": 3, + "2023/5": 2, + "2023/4": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-16T00:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 42505, - "CodeBytes": 0, - "Lines": 800, - "Code": 530, - "Comment": 0, - "Blank": 270, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 3605, - "CodeBytes": 0, - "Lines": 111, - "Code": 110, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 7942, - "CodeBytes": 0, - "Lines": 176, - "Code": 109, - "Comment": 51, - "Blank": 16, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 1308, - "CodeBytes": 0, - "Lines": 51, - "Code": 26, - "Comment": 15, - "Blank": 10, - "Complexity": 7, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7047, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 21643.954482940186, - "estimatedScheduleMonths_low": 3.319362889457195, - "estimatedPeople_low": 0.6352305636972091, - "estimatedCost_high": 67452.01526843809, - "estimatedScheduleMonths_high": 3.319362889457195, - "estimatedPeople_high": 0.6352305636972091, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 14 800 270 0 530 0\n(ULOC) 458\n-------------------------------------------------------------------------------\nJSON 3 111 1 0 110 0\n(ULOC) 63\n-------------------------------------------------------------------------------\nYAML 3 176 16 51 109 0\n(ULOC) 123\n-------------------------------------------------------------------------------\nShell 2 51 10 15 26 7\n(ULOC) 40\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 23 1259 309 66 884 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 788\nDRYness % 0.63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $23,733\nEstimated Schedule Effort (organic) 3.32 months\nEstimated People Required (organic) 0.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 62407 bytes, 0.062 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-03-28T21:30:52Z", - "ossf_scorecard": { - "date": "2025-01-19T13:18:07Z", - "repo": { - "name": "github.com/DSACMS/.github", - "commit": "aa056d780f03df0be0d9243e393ded2d6e3d0460" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 5 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 5/22 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 5 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 6, - "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": -1, - "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + [ + "2024-12-05T00:00:00.000Z", + 1 + ], + [ + "2024-12-17T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 42505, + "CodeBytes": 0, + "Lines": 800, + "Code": 530, + "Comment": 0, + "Blank": 270, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 3605, + "CodeBytes": 0, + "Lines": 111, + "Code": 110, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 7942, + "CodeBytes": 0, + "Lines": 176, + "Code": 109, + "Comment": 51, + "Blank": 16, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 1308, + "CodeBytes": 0, + "Lines": 51, + "Code": 26, + "Comment": 15, + "Blank": 10, + "Complexity": 7, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7047, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 21643.954482940186, + "estimatedScheduleMonths_low": 3.319362889457195, + "estimatedPeople_low": 0.6352305636972091, + "estimatedCost_high": 67452.01526843809, + "estimatedScheduleMonths_high": 3.319362889457195, + "estimatedPeople_high": 0.6352305636972091, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 14 800 270 0 530 0\n(ULOC) 458\n-------------------------------------------------------------------------------\nJSON 3 111 1 0 110 0\n(ULOC) 63\n-------------------------------------------------------------------------------\nYAML 3 176 16 51 109 0\n(ULOC) 123\n-------------------------------------------------------------------------------\nShell 2 51 10 15 26 7\n(ULOC) 40\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 23 1259 309 66 884 7\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 788\nDRYness % 0.63\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $23,733\nEstimated Schedule Effort (organic) 3.32 months\nEstimated People Required (organic) 0.64\n───────────────────────────────────────────────────────────────────────────────\nProcessed 62407 bytes, 0.062 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-03-28T21:30:52Z", + "ossf_scorecard": { + "date": "2025-01-19T13:18:07Z", + "repo": { + "name": "github.com/DSACMS/.github", + "commit": "aa056d780f03df0be0d9243e393ded2d6e3d0460" }, - "predominant_langs": { - "Shell": 502 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 4.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 5 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 5/22 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 5 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 6, + "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": -1, + "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "internal error: internal error: invalid GitHub workflow:\n:18:0: could not parse as YAML: yaml: line 18: found character that cannot start any token [syntax-check]", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Shell": 502 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/cms-gource/cms-gource_data.json b/app/site/_data/DSACMS/cms-gource/cms-gource_data.json index 5553c6b03b..5b22e2652b 100644 --- a/app/site/_data/DSACMS/cms-gource/cms-gource_data.json +++ b/app/site/_data/DSACMS/cms-gource/cms-gource_data.json @@ -1,288 +1,288 @@ { - "url": "https://github.com/DSACMS/cms-gource", - "owner": "DSACMS", - "name": "cms-gource", - "description": "Gource.io Visualization of Developer.CMS.gov Open Source repositories", - "commits_count": 26, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 1, - "watchers_count": 0, - "total_project_lines": 129746, - "average_project_lines": 11795, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 112, - "average_blank_lines": 10, - "commits_by_month": { - "2023/3": 26 + "url": "https://github.com/DSACMS/cms-gource", + "owner": "DSACMS", + "name": "cms-gource", + "description": "Gource.io Visualization of Developer.CMS.gov Open Source repositories", + "commits_count": 26, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 1, + "watchers_count": 0, + "total_project_lines": 129746, + "average_project_lines": 11795, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 112, + "average_blank_lines": 10, + "commits_by_month": { + "2023/3": 26 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Plain Text", + "Bytes": 14870814, + "CodeBytes": 0, + "Lines": 129299, + "Code": 129299, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 13706, + "CodeBytes": 0, + "Lines": 331, + "Code": 239, + "Comment": 0, + "Blank": 92, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 6555, + "CodeBytes": 0, + "Lines": 116, + "Code": 96, + "Comment": 0, + "Blank": 20, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 4073020.5534454766, + "estimatedScheduleMonths_low": 24.28818881167377, + "estimatedPeople_low": 16.336949979612644, + "estimatedCost_high": 12693310.955547055, + "estimatedScheduleMonths_high": 24.28818881167377, + "estimatedPeople_high": 16.336949979612644, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nPlain Text 8 129299 0 0 129299 0\n(ULOC) 128124\n-------------------------------------------------------------------------------\nMarkdown 2 331 92 0 239 0\n(ULOC) 238\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 129746 112 0 129634 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 128457\nDRYness % 0.99\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,466,323\nEstimated Schedule Effort (organic) 24.29 months\nEstimated People Required (organic) 16.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 14891075 bytes, 14.891 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-08-21T15:47:26Z", + "ossf_scorecard": { + "date": "2025-01-19T13:19:43Z", + "repo": { + "name": "github.com/DSACMS/cms-gource", + "commit": "2cc274069a65787b994d7f30e2699f9ee0363a55" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Plain Text", - "Bytes": 14870814, - "CodeBytes": 0, - "Lines": 129299, - "Code": 129299, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 13706, - "CodeBytes": 0, - "Lines": 331, - "Code": 239, - "Comment": 0, - "Blank": 92, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 6555, - "CodeBytes": 0, - "Lines": 116, - "Code": 96, - "Comment": 0, - "Blank": 20, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 4073020.5534454766, - "estimatedScheduleMonths_low": 24.28818881167377, - "estimatedPeople_low": 16.336949979612644, - "estimatedCost_high": 12693310.955547055, - "estimatedScheduleMonths_high": 24.28818881167377, - "estimatedPeople_high": 16.336949979612644, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nPlain Text 8 129299 0 0 129299 0\n(ULOC) 128124\n-------------------------------------------------------------------------------\nMarkdown 2 331 92 0 239 0\n(ULOC) 238\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 129746 112 0 129634 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 128457\nDRYness % 0.99\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $4,466,323\nEstimated Schedule Effort (organic) 24.29 months\nEstimated People Required (organic) 16.34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 14891075 bytes, 14.891 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-08-21T15:47:26Z", - "ossf_scorecard": { - "date": "2025-01-19T13:19:43Z", - "repo": { - "name": "github.com/DSACMS/cms-gource", - "commit": "2cc274069a65787b994d7f30e2699f9ee0363a55" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/26 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": {}, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/26 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": {}, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/dedupliFHIR/dedupliFHIR_data.json b/app/site/_data/DSACMS/dedupliFHIR/dedupliFHIR_data.json index 01b663b81b..8cbc5090a0 100644 --- a/app/site/_data/DSACMS/dedupliFHIR/dedupliFHIR_data.json +++ b/app/site/_data/DSACMS/dedupliFHIR/dedupliFHIR_data.json @@ -1,792 +1,792 @@ { - "url": "https://github.com/DSACMS/dedupliFHIR", - "owner": "DSACMS", - "name": "dedupliFHIR", - "description": "Prototype for basic deduplication and aggregation of eCQM data", - "commits_count": 505, - "issues_count": 22, - "open_issues_count": 10, - "closed_issues_count": 12, - "pull_requests_count": 199, - "open_pull_requests_count": 15, - "merged_pull_requests_count": 117, - "closed_pull_requests_count": 67, - "forks_count": 3, - "stargazers_count": 8, - "watchers_count": 4, - "total_project_lines": 4615, - "average_project_lines": 82, - "total_project_comment_lines": 370, - "average_project_comment_lines": 7, - "total_project_blank_lines": 589, - "average_blank_lines": 11, - "commits_by_month": { - "2024/11": 14, - "2024/10": 16 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-13T00:00:00.000Z", - 3 - ], - [ - "2024-08-15T00:00:00.000Z", - 1 - ], - [ - "2024-08-30T00:00:00.000Z", - 1 - ], - [ - "2024-09-05T00:00:00.000Z", - 2 - ], - [ - "2024-09-17T00:00:00.000Z", - 1 - ], - [ - "2024-09-19T00:00:00.000Z", - 2 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "project_type": "Tools", - "user_input": "Yes", - "project_fisma_level": "Moderate", - "group": "CMS/OA/DSAC", - "subset_in_healthcare": "Operational", - "user_type": "Providers", - "repository_host": "Github.com", - "maturity_model_tier": "3", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 36091, - "CodeBytes": 0, - "Lines": 825, - "Code": 543, - "Comment": 0, - "Blank": 282, - "Complexity": 0, - "Count": 18, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 45281, - "CodeBytes": 0, - "Lines": 1404, - "Code": 906, - "Comment": 333, - "Blank": 165, - "Complexity": 89, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 13742, - "CodeBytes": 0, - "Lines": 458, - "Code": 363, - "Comment": 27, - "Blank": 68, - "Complexity": 15, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 11731, - "CodeBytes": 0, - "Lines": 518, - "Code": 517, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 6458, - "CodeBytes": 0, - "Lines": 164, - "Code": 161, - "Comment": 0, - "Blank": 3, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 6929, - "CodeBytes": 0, - "Lines": 246, - "Code": 222, - "Comment": 1, - "Blank": 23, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 548, - "CodeBytes": 0, - "Lines": 21, - "Code": 10, - "Comment": 8, - "Blank": 3, - "Complexity": 3, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TOML", - "Bytes": 714, - "CodeBytes": 0, - "Lines": 38, - "Code": 32, - "Comment": 0, - "Blank": 6, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 1208, - "CodeBytes": 0, - "Lines": 95, - "Code": 80, - "Comment": 0, - "Blank": 15, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 94796, - "CodeBytes": 0, - "Lines": 501, - "Code": 501, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "INI", - "Bytes": 0, - "CodeBytes": 0, - "Lines": 0, - "Code": 0, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 177, - "CodeBytes": 0, - "Lines": 9, - "Code": 7, - "Comment": 0, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 6453, - "CodeBytes": 0, - "Lines": 84, - "Code": 80, - "Comment": 1, - "Blank": 3, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 92651.9015694818, - "estimatedScheduleMonths_low": 5.768082585359043, - "estimatedPeople_low": 1.5648487788918517, - "estimatedCost_high": 288743.79144718795, - "estimatedScheduleMonths_high": 5.768082585359043, - "estimatedPeople_high": 1.5648487788918517, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 18 825 282 0 543 0\n(ULOC) 441\n-------------------------------------------------------------------------------\nPython 9 1404 165 333 906 89\n(ULOC) 890\n-------------------------------------------------------------------------------\nJavaScript 7 458 68 27 363 15\n(ULOC) 324\n-------------------------------------------------------------------------------\nJSON 5 518 1 0 517 0\n(ULOC) 230\n-------------------------------------------------------------------------------\nHTML 4 164 3 0 161 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nYAML 4 246 23 1 222 0\n(ULOC) 151\n-------------------------------------------------------------------------------\nShell 2 21 3 8 10 3\n(ULOC) 17\n-------------------------------------------------------------------------------\nTOML 2 38 6 0 32 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nCSS 1 95 15 0 80 0\n(ULOC) 61\n-------------------------------------------------------------------------------\nCSV 1 501 0 0 501 0\n(ULOC) 502\n-------------------------------------------------------------------------------\nINI 1 0 0 0 0 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMakefile 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nSVG 1 84 3 1 80 0\n(ULOC) 70\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 57 4484 583 370 3531 107\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2910\nDRYness % 0.65\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $101,598\nEstimated Schedule Effort (organic) 5.77 months\nEstimated People Required (organic) 1.56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 231176 bytes, 0.231 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-06-22T17:08:19Z", - "ossf_scorecard": { - "date": "2025-01-19T13:18:41Z", - "repo": { - "name": "github.com/DSACMS/dedupliFHIR", - "commit": "64fad3a0af903b94e651179f0fe0e413ab381725" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 4, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 5, - "reason": "5 out of 9 merged PRs checked by a CI test -- score normalized to 5", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 2, - "reason": "Found 1/4 approved changesets -- score normalized to 2", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 4 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "27 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 1, - "reason": "dependency not pinned by hash detected -- score normalized to 1", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": 0, - "reason": "Project has not signed or included provenance with any releases.", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 6, - "reason": "4 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "url": "https://github.com/DSACMS/dedupliFHIR", + "owner": "DSACMS", + "name": "dedupliFHIR", + "description": "Prototype for basic deduplication and aggregation of eCQM data", + "commits_count": 505, + "issues_count": 22, + "open_issues_count": 10, + "closed_issues_count": 12, + "pull_requests_count": 199, + "open_pull_requests_count": 15, + "merged_pull_requests_count": 117, + "closed_pull_requests_count": 67, + "forks_count": 3, + "stargazers_count": 8, + "watchers_count": 4, + "total_project_lines": 4615, + "average_project_lines": 82, + "total_project_comment_lines": 370, + "average_project_comment_lines": 7, + "total_project_blank_lines": 589, + "average_blank_lines": 11, + "commits_by_month": { + "2024/11": 14, + "2024/10": 16 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-13T00:00:00.000Z", + 3 + ], + [ + "2024-08-15T00:00:00.000Z", + 1 + ], + [ + "2024-08-30T00:00:00.000Z", + 1 + ], + [ + "2024-09-05T00:00:00.000Z", + 2 + ], + [ + "2024-09-17T00:00:00.000Z", + 1 + ], + [ + "2024-09-19T00:00:00.000Z", + 2 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "project_type": "Tools", + "user_input": "Yes", + "project_fisma_level": "Moderate", + "group": "CMS/OA/DSAC", + "subset_in_healthcare": "Operational", + "user_type": "Providers", + "repository_host": "Github.com", + "maturity_model_tier": "3", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 36091, + "CodeBytes": 0, + "Lines": 825, + "Code": 543, + "Comment": 0, + "Blank": 282, + "Complexity": 0, + "Count": 18, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 45281, + "CodeBytes": 0, + "Lines": 1404, + "Code": 906, + "Comment": 333, + "Blank": 165, + "Complexity": 89, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 13742, + "CodeBytes": 0, + "Lines": 458, + "Code": 363, + "Comment": 27, + "Blank": 68, + "Complexity": 15, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 11731, + "CodeBytes": 0, + "Lines": 518, + "Code": 517, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 6458, + "CodeBytes": 0, + "Lines": 164, + "Code": 161, + "Comment": 0, + "Blank": 3, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 6929, + "CodeBytes": 0, + "Lines": 246, + "Code": 222, + "Comment": 1, + "Blank": 23, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 548, + "CodeBytes": 0, + "Lines": 21, + "Code": 10, + "Comment": 8, + "Blank": 3, + "Complexity": 3, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TOML", + "Bytes": 714, + "CodeBytes": 0, + "Lines": 38, + "Code": 32, + "Comment": 0, + "Blank": 6, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 1208, + "CodeBytes": 0, + "Lines": 95, + "Code": 80, + "Comment": 0, + "Blank": 15, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 94796, + "CodeBytes": 0, + "Lines": 501, + "Code": 501, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "INI", + "Bytes": 0, + "CodeBytes": 0, + "Lines": 0, + "Code": 0, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 177, + "CodeBytes": 0, + "Lines": 9, + "Code": 7, + "Comment": 0, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 6453, + "CodeBytes": 0, + "Lines": 84, + "Code": 80, + "Comment": 1, + "Blank": 3, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 92651.9015694818, + "estimatedScheduleMonths_low": 5.768082585359043, + "estimatedPeople_low": 1.5648487788918517, + "estimatedCost_high": 288743.79144718795, + "estimatedScheduleMonths_high": 5.768082585359043, + "estimatedPeople_high": 1.5648487788918517, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 18 825 282 0 543 0\n(ULOC) 441\n-------------------------------------------------------------------------------\nPython 9 1404 165 333 906 89\n(ULOC) 890\n-------------------------------------------------------------------------------\nJavaScript 7 458 68 27 363 15\n(ULOC) 324\n-------------------------------------------------------------------------------\nJSON 5 518 1 0 517 0\n(ULOC) 230\n-------------------------------------------------------------------------------\nHTML 4 164 3 0 161 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nYAML 4 246 23 1 222 0\n(ULOC) 151\n-------------------------------------------------------------------------------\nShell 2 21 3 8 10 3\n(ULOC) 17\n-------------------------------------------------------------------------------\nTOML 2 38 6 0 32 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nCSS 1 95 15 0 80 0\n(ULOC) 61\n-------------------------------------------------------------------------------\nCSV 1 501 0 0 501 0\n(ULOC) 502\n-------------------------------------------------------------------------------\nINI 1 0 0 0 0 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMakefile 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nSVG 1 84 3 1 80 0\n(ULOC) 70\n───────────────────────────────────────────────────────────────────────────────\nTotal 57 4484 583 370 3531 107\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2910\nDRYness % 0.65\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $101,598\nEstimated Schedule Effort (organic) 5.77 months\nEstimated People Required (organic) 1.56\n───────────────────────────────────────────────────────────────────────────────\nProcessed 231176 bytes, 0.231 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-22T17:08:19Z", + "ossf_scorecard": { + "date": "2025-01-19T13:18:41Z", + "repo": { + "name": "github.com/DSACMS/dedupliFHIR", + "commit": "64fad3a0af903b94e651179f0fe0e413ab381725" }, - "predominant_langs": { - "Python": 45281, - "JavaScript": 13742, - "HTML": 6458, - "CSS": 1208, - "Shell": 548, - "Makefile": 177 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "projectType": "Tools", - "userInput": "Yes", - "fismaLevel": "Moderate", - "subsetInHealthcare": "Operational", - "userType": "Providers", - "repositoryHost": "Github.com", - "maturityModelTier": "3", - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "average_issue_resolution_time": [ - [ - "deduplifhir", - "73 days 29:04:38.083333" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@electron-toolkit/eslint-config-prettier", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "@playwright/test", - -0.0356164384, - "2024-11-07T06:10:02.000" - ], - [ - "@uswds/uswds", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "altair", - 0.4082191781, - "2024-11-07T06:10:02.000" - ], - [ - "astroid", - 0.2082191781, - "2024-11-07T06:10:02.000" - ], - [ - "attrs", - 0.6, - "2024-11-07T06:10:02.000" - ], - [ - "black", - 0.4493150685, - "2024-11-07T06:10:02.000" - ], - [ - "click", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "colorama", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "dill", - 0.6712328767, - "2024-11-07T06:10:02.000" - ], - [ - "duckdb", - 0.4219178082, - "2024-11-07T06:10:02.000" - ], - [ - "electron", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "electron-builder", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "eslint", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "et-xmlfile", - 3.501369863, - "2024-11-07T06:10:02.000" - ], - [ - "exceptiongroup", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "faker", - 0.1561643836, - "2024-11-07T06:10:02.000" - ], - [ - "flake8", - 0.1342465753, - "2024-11-07T06:10:02.000" - ], - [ - "fs-extra", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "igraph", - 0.304109589, - "2024-11-07T06:10:02.000" - ], - [ - "iniconfig", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "isort", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "jinja2", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "jsonschema", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "jsonschema-specifications", - 0.7863013699, - "2024-11-07T06:10:02.000" - ], - [ - "lxml", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "markupsafe", - 0.7068493151, - "2024-11-07T06:10:02.000" - ], - [ - "mccabe", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "mypy-extensions", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "numpy", - 0.2849315068, - "2024-11-07T06:10:02.000" - ], - [ - "openpyxl", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "packaging", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "pandas", - 0.4438356164, - "2024-11-07T06:10:02.000" - ], - [ - "pathspec", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "platformdirs", - 0.3424657534, - "2024-11-07T06:10:02.000" - ], - [ - "pluggy", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "prettier", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "pyarrow", - 0.2794520548, - "2024-11-07T06:10:02.000" - ], - [ - "pycodestyle", - 0.1342465753, - "2024-11-07T06:10:02.000" - ], - [ - "pyflakes", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "pylint", - 0.1753424658, - "2024-11-07T06:10:02.000" - ], - [ - "pytest", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "python-dateutil", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "python-shell", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "pytz", - 0.6082191781, - "2024-11-07T06:10:02.000" - ], - [ - "referencing", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "rpds-py", - 0.2876712329, - "2024-11-07T06:10:02.000" - ], - [ - "six", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "splink", - 0.1671232877, - "2024-11-07T06:10:02.000" - ], - [ - "sqlglot", - 0.2684931507, - "2024-11-07T06:10:02.000" - ], - [ - "text2num", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "texttable", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "tomli", - 2.6465753425, - "2024-11-07T06:10:02.000" - ], - [ - "tomlkit", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "toolz", - 0.695890411, - "2024-11-07T06:10:02.000" - ], - [ - "typing-extensions", - 0.0, - "2024-11-07T06:10:02.000" - ], - [ - "tzdata", - 0.6136986301, - "2024-11-07T06:10:02.000" - ] + "score": 5.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 4, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 5, + "reason": "5 out of 9 merged PRs checked by a CI test -- score normalized to 5", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 2, + "reason": "Found 1/4 approved changesets -- score normalized to 2", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 4 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "27 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 1, + "reason": "dependency not pinned by hash detected -- score normalized to 1", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": 0, + "reason": "Project has not signed or included provenance with any releases.", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 6, + "reason": "4 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Python": 45281, + "JavaScript": 13742, + "HTML": 6458, + "CSS": 1208, + "Shell": 548, + "Makefile": 177 + }, + "projectType": "Tools", + "userInput": "Yes", + "fismaLevel": "Moderate", + "subsetInHealthcare": "Operational", + "userType": "Providers", + "repositoryHost": "Github.com", + "maturityModelTier": "3", + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "average_issue_resolution_time": [ + [ + "deduplifhir", + "73 days 29:04:38.083333" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@electron-toolkit/eslint-config-prettier", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "@playwright/test", + -0.0356164384, + "2024-11-07T06:10:02.000" + ], + [ + "@uswds/uswds", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "altair", + 0.4082191781, + "2024-11-07T06:10:02.000" + ], + [ + "astroid", + 0.2082191781, + "2024-11-07T06:10:02.000" + ], + [ + "attrs", + 0.6, + "2024-11-07T06:10:02.000" + ], + [ + "black", + 0.4493150685, + "2024-11-07T06:10:02.000" + ], + [ + "click", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "colorama", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "dill", + 0.6712328767, + "2024-11-07T06:10:02.000" + ], + [ + "duckdb", + 0.4219178082, + "2024-11-07T06:10:02.000" + ], + [ + "electron", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "electron-builder", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "eslint", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "et-xmlfile", + 3.501369863, + "2024-11-07T06:10:02.000" + ], + [ + "exceptiongroup", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "faker", + 0.1561643836, + "2024-11-07T06:10:02.000" + ], + [ + "flake8", + 0.1342465753, + "2024-11-07T06:10:02.000" + ], + [ + "fs-extra", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "igraph", + 0.304109589, + "2024-11-07T06:10:02.000" + ], + [ + "iniconfig", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "isort", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "jinja2", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "jsonschema", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "jsonschema-specifications", + 0.7863013699, + "2024-11-07T06:10:02.000" + ], + [ + "lxml", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "markupsafe", + 0.7068493151, + "2024-11-07T06:10:02.000" + ], + [ + "mccabe", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "mypy-extensions", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "numpy", + 0.2849315068, + "2024-11-07T06:10:02.000" + ], + [ + "openpyxl", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "packaging", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "pandas", + 0.4438356164, + "2024-11-07T06:10:02.000" + ], + [ + "pathspec", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "platformdirs", + 0.3424657534, + "2024-11-07T06:10:02.000" + ], + [ + "pluggy", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "prettier", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "pyarrow", + 0.2794520548, + "2024-11-07T06:10:02.000" + ], + [ + "pycodestyle", + 0.1342465753, + "2024-11-07T06:10:02.000" + ], + [ + "pyflakes", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "pylint", + 0.1753424658, + "2024-11-07T06:10:02.000" + ], + [ + "pytest", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "python-dateutil", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "python-shell", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "pytz", + 0.6082191781, + "2024-11-07T06:10:02.000" + ], + [ + "referencing", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "rpds-py", + 0.2876712329, + "2024-11-07T06:10:02.000" + ], + [ + "six", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "splink", + 0.1671232877, + "2024-11-07T06:10:02.000" + ], + [ + "sqlglot", + 0.2684931507, + "2024-11-07T06:10:02.000" + ], + [ + "text2num", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "texttable", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "tomli", + 2.6465753425, + "2024-11-07T06:10:02.000" + ], + [ + "tomlkit", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "toolz", + 0.695890411, + "2024-11-07T06:10:02.000" + ], + [ + "typing-extensions", + 0.0, + "2024-11-07T06:10:02.000" + ], + [ + "tzdata", + 0.6136986301, + "2024-11-07T06:10:02.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/DSACMS/drive2gource/drive2gource_data.json b/app/site/_data/DSACMS/drive2gource/drive2gource_data.json index f25f9b32f5..3c7bc5d347 100644 --- a/app/site/_data/DSACMS/drive2gource/drive2gource_data.json +++ b/app/site/_data/DSACMS/drive2gource/drive2gource_data.json @@ -1,290 +1,290 @@ { - "url": "https://github.com/DSACMS/drive2gource", - "owner": "DSACMS", - "name": "drive2gource", - "description": "Moved to CMSgov Org: https://github.com/CMSgov/drive2gource", - "commits_count": 5, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 2, - "total_project_lines": 1047, - "average_project_lines": 116, - "total_project_comment_lines": 31, - "average_project_comment_lines": 3, - "total_project_blank_lines": 143, - "average_blank_lines": 16, - "commits_by_month": { - "2023/7": 5 + "url": "https://github.com/DSACMS/drive2gource", + "owner": "DSACMS", + "name": "drive2gource", + "description": "Moved to CMSgov Org: https://github.com/CMSgov/drive2gource", + "commits_count": 5, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 2, + "total_project_lines": 1047, + "average_project_lines": 116, + "total_project_comment_lines": 31, + "average_project_comment_lines": 3, + "total_project_blank_lines": 143, + "average_blank_lines": 16, + "commits_by_month": { + "2023/7": 5 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 11090, + "CodeBytes": 0, + "Lines": 223, + "Code": 151, + "Comment": 0, + "Blank": 72, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 14082, + "CodeBytes": 0, + "Lines": 457, + "Code": 355, + "Comment": 31, + "Blank": 71, + "Complexity": 76, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 7883, + "CodeBytes": 0, + "Lines": 367, + "Code": 367, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 21361.25131743224, + "estimatedScheduleMonths_low": 3.3028204410053568, + "estimatedPeople_low": 0.6300735285135932, + "estimatedCost_high": 66570.98873276931, + "estimatedScheduleMonths_high": 3.3028204410053568, + "estimatedPeople_high": 0.6300735285135932, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 6 223 72 0 151 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nJavaScript 2 457 71 31 355 76\n(ULOC) 298\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n───────────────────────────────────────────────────────────────────────────────\nTotal 9 1047 143 31 873 76\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 568\nDRYness % 0.54\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $23,423\nEstimated Schedule Effort (organic) 3.30 months\nEstimated People Required (organic) 0.63\n───────────────────────────────────────────────────────────────────────────────\nProcessed 33055 bytes, 0.033 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-07-26T17:35:04Z", + "ossf_scorecard": { + "date": "2025-01-19T13:18:53Z", + "repo": { + "name": "github.com/DSACMS/drive2gource", + "commit": "c5b9049b2407b7c1d9adaac6ea4000a3085c9e32" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 11090, - "CodeBytes": 0, - "Lines": 223, - "Code": 151, - "Comment": 0, - "Blank": 72, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 14082, - "CodeBytes": 0, - "Lines": 457, - "Code": 355, - "Comment": 31, - "Blank": 71, - "Complexity": 76, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 7883, - "CodeBytes": 0, - "Lines": 367, - "Code": 367, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 21361.25131743224, - "estimatedScheduleMonths_low": 3.3028204410053568, - "estimatedPeople_low": 0.6300735285135932, - "estimatedCost_high": 66570.98873276931, - "estimatedScheduleMonths_high": 3.3028204410053568, - "estimatedPeople_high": 0.6300735285135932, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 6 223 72 0 151 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nJavaScript 2 457 71 31 355 76\n(ULOC) 298\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 9 1047 143 31 873 76\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 568\nDRYness % 0.54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $23,423\nEstimated Schedule Effort (organic) 3.30 months\nEstimated People Required (organic) 0.63\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 33055 bytes, 0.033 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-07-26T17:35:04Z", - "ossf_scorecard": { - "date": "2025-01-19T13:18:53Z", - "repo": { - "name": "github.com/DSACMS/drive2gource", - "commit": "c5b9049b2407b7c1d9adaac6ea4000a3085c9e32" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/5 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "project is archived", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "JavaScript": 14082 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/5 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "project is archived", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "JavaScript": 14082 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/dsacms.github.io/dsacms.github.io_data.json b/app/site/_data/DSACMS/dsacms.github.io/dsacms.github.io_data.json index 69aa194d9c..6170d1f498 100644 --- a/app/site/_data/DSACMS/dsacms.github.io/dsacms.github.io_data.json +++ b/app/site/_data/DSACMS/dsacms.github.io/dsacms.github.io_data.json @@ -1,301 +1,301 @@ { - "url": "https://github.com/DSACMS/dsacms.github.io", - "owner": "DSACMS", - "name": "dsacms.github.io", - "description": "Landing Page for DSACMS GitHub Organization", - "commits_count": 5, - "issues_count": 1, - "open_issues_count": 1, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 2, - "total_project_lines": 934, - "average_project_lines": 78, - "total_project_comment_lines": 7, - "average_project_comment_lines": 1, - "total_project_blank_lines": 190, - "average_blank_lines": 16, - "commits_by_month": { - "2024/12": 2, - "2024/6": 1, - "2023/6": 2 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-12-09T00:00:00.000Z", - 1 - ], - [ - "2024-12-17T00:00:00.000Z", - 1 - ] + "url": "https://github.com/DSACMS/dsacms.github.io", + "owner": "DSACMS", + "name": "dsacms.github.io", + "description": "Landing Page for DSACMS GitHub Organization", + "commits_count": 5, + "issues_count": 1, + "open_issues_count": 1, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 2, + "total_project_lines": 934, + "average_project_lines": 78, + "total_project_comment_lines": 7, + "average_project_comment_lines": 1, + "total_project_blank_lines": 190, + "average_blank_lines": 16, + "commits_by_month": { + "2024/12": 2, + "2024/6": 1, + "2023/6": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-12-09T00:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 24900, - "CodeBytes": 0, - "Lines": 582, - "Code": 394, - "Comment": 0, - "Blank": 188, - "Complexity": 0, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 7883, - "CodeBytes": 0, - "Lines": 367, - "Code": 367, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 503, - "CodeBytes": 0, - "Lines": 18, - "Code": 8, - "Comment": 7, - "Blank": 3, - "Complexity": 3, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 18697.53653342812, - "estimatedScheduleMonths_low": 3.139821002077638, - "estimatedPeople_low": 0.5801349209398651, - "estimatedCost_high": 58269.690075768856, - "estimatedScheduleMonths_high": 3.139821002077638, - "estimatedPeople_high": 0.5801349209398651, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 10 582 188 0 394 0\n(ULOC) 324\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nShell 1 18 3 7 8 3\n(ULOC) 15\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 12 967 191 7 769 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 471\nDRYness % 0.49\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $20,503\nEstimated Schedule Effort (organic) 3.14 months\nEstimated People Required (organic) 0.58\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 33286 bytes, 0.033 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-06-06T17:27:47Z", - "ossf_scorecard": { - "date": "2025-01-19T13:18:18Z", - "repo": { - "name": "github.com/DSACMS/dsacms.github.io", - "commit": "5fbd2e8ade8d7c791e77df436a630c04614f0525" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/5 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 1, - "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + [ + "2024-12-17T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 24900, + "CodeBytes": 0, + "Lines": 582, + "Code": 394, + "Comment": 0, + "Blank": 188, + "Complexity": 0, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 7883, + "CodeBytes": 0, + "Lines": 367, + "Code": 367, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 503, + "CodeBytes": 0, + "Lines": 18, + "Code": 8, + "Comment": 7, + "Blank": 3, + "Complexity": 3, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 18697.53653342812, + "estimatedScheduleMonths_low": 3.139821002077638, + "estimatedPeople_low": 0.5801349209398651, + "estimatedCost_high": 58269.690075768856, + "estimatedScheduleMonths_high": 3.139821002077638, + "estimatedPeople_high": 0.5801349209398651, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 10 582 188 0 394 0\n(ULOC) 324\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nShell 1 18 3 7 8 3\n(ULOC) 15\n───────────────────────────────────────────────────────────────────────────────\nTotal 12 967 191 7 769 3\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 471\nDRYness % 0.49\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $20,503\nEstimated Schedule Effort (organic) 3.14 months\nEstimated People Required (organic) 0.58\n───────────────────────────────────────────────────────────────────────────────\nProcessed 33286 bytes, 0.033 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-06T17:27:47Z", + "ossf_scorecard": { + "date": "2025-01-19T13:18:18Z", + "repo": { + "name": "github.com/DSACMS/dsacms.github.io", + "commit": "5fbd2e8ade8d7c791e77df436a630c04614f0525" }, - "predominant_langs": { - "Shell": 503 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/5 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 1, + "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Shell": 503 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/income-reporting-playbook/income-reporting-playbook_data.json b/app/site/_data/DSACMS/income-reporting-playbook/income-reporting-playbook_data.json index 427c0cf4d9..27293b6514 100644 --- a/app/site/_data/DSACMS/income-reporting-playbook/income-reporting-playbook_data.json +++ b/app/site/_data/DSACMS/income-reporting-playbook/income-reporting-playbook_data.json @@ -1,375 +1,375 @@ { - "url": "https://github.com/DSACMS/income-reporting-playbook", - "owner": "DSACMS", - "name": "income-reporting-playbook", - "description": "The Income Reporting Playbook will offer guidance and templates to improve the client experience of providing income during benefit applications and renewals. It is currently being developed by Nava in conjunction with USDS and DSAC.", - "commits_count": 12, - "issues_count": 2, - "open_issues_count": 1, - "closed_issues_count": 1, - "pull_requests_count": 4, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 4, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 0, - "created_at": "2023-09-29T19:39:30Z", - "predominant_langs": { - "HTML": 28794, - "SCSS": 2517, - "JavaScript": 857, - "Makefile": 274, - "Ruby": 238 - }, - "commits_by_month": { - "2024/4": 11, - "2023/9": 1 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "HTML", - "Bytes": 28794, - "CodeBytes": 0, - "Lines": 385, - "Code": 315, - "Comment": 0, - "Blank": 70, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 5039, - "CodeBytes": 0, - "Lines": 97, - "Code": 66, - "Comment": 0, - "Blank": 31, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 238, - "CodeBytes": 0, - "Lines": 10, - "Code": 6, - "Comment": 2, - "Blank": 2, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 857, - "CodeBytes": 0, - "Lines": 24, - "Code": 20, - "Comment": 1, - "Blank": 3, - "Complexity": 4, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7047, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 274, - "CodeBytes": 0, - "Lines": 9, - "Code": 8, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 2517, - "CodeBytes": 0, - "Lines": 186, - "Code": 155, - "Comment": 5, - "Blank": 26, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 107, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 16559.10399972746, - "estimatedScheduleMonths_low": 2.9982015099698, - "estimatedPeople_low": 0.5380535773515648, - "estimatedCost_high": 51605.40033022383, - "estimatedScheduleMonths_high": 2.9982015099698, - "estimatedPeople_high": 0.5380535773515648, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nHTML 3 385 70 0 315 0\n(ULOC) 221\n-------------------------------------------------------------------------------\nMarkdown 2 97 31 0 66 0\n(ULOC) 60\n-------------------------------------------------------------------------------\nGemfile 1 10 2 2 6 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nJavaScript 1 24 3 1 20 4\n(ULOC) 21\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMakefile 1 9 1 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nSass 1 186 26 5 155 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 838 145 8 685 4\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 539\nDRYness % 0.64\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $18,158\nEstimated Schedule Effort (organic) 3.00 months\nEstimated People Required (organic) 0.54\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 44873 bytes, 0.045 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/income-reporting-playbook", + "owner": "DSACMS", + "name": "income-reporting-playbook", + "description": "The Income Reporting Playbook will offer guidance and templates to improve the client experience of providing income during benefit applications and renewals. It is currently being developed by Nava in conjunction with USDS and DSAC.", + "commits_count": 12, + "issues_count": 2, + "open_issues_count": 1, + "closed_issues_count": 1, + "pull_requests_count": 4, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 4, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 0, + "created_at": "2023-09-29T19:39:30Z", + "predominant_langs": { + "HTML": 28794, + "SCSS": 2517, + "JavaScript": 857, + "Makefile": 274, + "Ruby": 238 + }, + "commits_by_month": { + "2024/4": 11, + "2023/9": 1 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "HTML", + "Bytes": 28794, + "CodeBytes": 0, + "Lines": 385, + "Code": 315, + "Comment": 0, + "Blank": 70, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 5039, + "CodeBytes": 0, + "Lines": 97, + "Code": 66, + "Comment": 0, + "Blank": 31, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 238, + "CodeBytes": 0, + "Lines": 10, + "Code": 6, + "Comment": 2, + "Blank": 2, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 857, + "CodeBytes": 0, + "Lines": 24, + "Code": 20, + "Comment": 1, + "Blank": 3, + "Complexity": 4, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7047, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 274, + "CodeBytes": 0, + "Lines": 9, + "Code": 8, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 2517, + "CodeBytes": 0, + "Lines": 186, + "Code": 155, + "Comment": 5, + "Blank": 26, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 107, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 16559.10399972746, + "estimatedScheduleMonths_low": 2.9982015099698, + "estimatedPeople_low": 0.5380535773515648, + "estimatedCost_high": 51605.40033022383, + "estimatedScheduleMonths_high": 2.9982015099698, + "estimatedPeople_high": 0.5380535773515648, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nHTML 3 385 70 0 315 0\n(ULOC) 221\n-------------------------------------------------------------------------------\nMarkdown 2 97 31 0 66 0\n(ULOC) 60\n-------------------------------------------------------------------------------\nGemfile 1 10 2 2 6 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nJavaScript 1 24 3 1 20 4\n(ULOC) 21\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMakefile 1 9 1 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nSass 1 186 26 5 155 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 838 145 8 685 4\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 539\nDRYness % 0.64\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $18,158\nEstimated Schedule Effort (organic) 3.00 months\nEstimated People Required (organic) 0.54\n───────────────────────────────────────────────────────────────────────────────\nProcessed 44873 bytes, 0.045 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:19:23Z", + "repo": { + "name": "github.com/DSACMS/income-reporting-playbook", + "commit": "c3b3b541bb500cfbbdc3a8dab8ec25d490533302" }, - "ossf_scorecard": { - "date": "2025-01-19T13:19:23Z", - "repo": { - "name": "github.com/DSACMS/income-reporting-playbook", - "commit": "c3b3b541bb500cfbbdc3a8dab8ec25d490533302" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 2.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 4 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 4, - "reason": "Found 3/7 approved changesets -- score normalized to 4", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 2, - "reason": "8 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 838, - "average_project_lines": 76, - "total_project_comment_lines": 8, - "average_project_comment_lines": 1, - "total_project_blank_lines": 145, - "average_blank_lines": 13, - "average_issue_resolution_time": [ - [ - "income-reporting-playbook", - "15:09:52" - ] + "score": 2.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 4 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 4, + "reason": "Found 3/7 approved changesets -- score normalized to 4", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 2, + "reason": "8 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } ], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "metadata": null + }, + "total_project_lines": 838, + "average_project_lines": 76, + "total_project_comment_lines": 8, + "average_project_comment_lines": 1, + "total_project_blank_lines": 145, + "average_blank_lines": 13, + "average_issue_resolution_time": [ + [ + "income-reporting-playbook", + "15:09:52" + ] + ], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/iv-cbv-payroll/iv-cbv-payroll_data.json b/app/site/_data/DSACMS/iv-cbv-payroll/iv-cbv-payroll_data.json index 347b8a651f..537024522e 100644 --- a/app/site/_data/DSACMS/iv-cbv-payroll/iv-cbv-payroll_data.json +++ b/app/site/_data/DSACMS/iv-cbv-payroll/iv-cbv-payroll_data.json @@ -1,674 +1,674 @@ { - "url": "https://github.com/DSACMS/iv-cbv-payroll", - "owner": "DSACMS", - "name": "iv-cbv-payroll", - "description": null, - "commits_count": 568, - "issues_count": 3, - "open_issues_count": 2, - "closed_issues_count": 1, - "pull_requests_count": 418, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 384, - "closed_pull_requests_count": 32, - "forks_count": 2, - "stargazers_count": 5, - "watchers_count": 4, - "created_at": "2024-04-22T22:34:18Z", - "predominant_langs": { - "Ruby": 364545, - "HCL": 178453, - "Shell": 64833, - "HTML": 54332, - "Makefile": 18688, - "JavaScript": 12152, - "Python": 11822, - "Dockerfile": 5818, - "Go": 4675, - "SCSS": 3992, - "TypeScript": 1016, - "CSS": 145 - }, - "commits_by_month": { - "2025/1": 12, - "2024/12": 18 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Ruby", - "Bytes": 339169, - "CodeBytes": 0, - "Lines": 10161, - "Code": 7775, - "Comment": 851, - "Blank": 1535, - "Complexity": 270, - "Count": 188, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Terraform", - "Bytes": 178301, - "CodeBytes": 0, - "Lines": 5734, - "Code": 3838, - "Comment": 1158, - "Blank": 738, - "Complexity": 361, - "Count": 133, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 147233, - "CodeBytes": 0, - "Lines": 2811, - "Code": 1885, - "Comment": 0, - "Blank": 926, - "Complexity": 0, - "Count": 52, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 135126, - "CodeBytes": 0, - "Lines": 3073, - "Code": 2493, - "Comment": 330, - "Blank": 250, - "Complexity": 0, - "Count": 48, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Ruby HTML", - "Bytes": 49253, - "CodeBytes": 0, - "Lines": 1227, - "Code": 1105, - "Comment": 0, - "Blank": 122, - "Complexity": 95, - "Count": 40, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "BASH", - "Bytes": 59979, - "CodeBytes": 0, - "Lines": 1543, - "Code": 887, - "Comment": 450, - "Blank": 206, - "Complexity": 74, - "Count": 32, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 24110, - "CodeBytes": 0, - "Lines": 849, - "Code": 848, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 18, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 12152, - "CodeBytes": 0, - "Lines": 402, - "Code": 301, - "Comment": 48, - "Blank": 53, - "Complexity": 23, - "Count": 15, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 4854, - "CodeBytes": 0, - "Lines": 220, - "Code": 152, - "Comment": 22, - "Blank": 46, - "Complexity": 20, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 11822, - "CodeBytes": 0, - "Lines": 346, - "Code": 288, - "Comment": 16, - "Blank": 42, - "Complexity": 12, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 5062, - "CodeBytes": 0, - "Lines": 200, - "Code": 182, - "Comment": 3, - "Blank": 15, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 110, - "CodeBytes": 0, - "Lines": 3, - "Code": 3, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Sass", - "Bytes": 3992, - "CodeBytes": 0, - "Lines": 186, - "Code": 140, - "Comment": 26, - "Blank": 20, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Go", - "Bytes": 4675, - "CodeBytes": 0, - "Lines": 129, - "Code": 97, - "Comment": 14, - "Blank": 18, - "Complexity": 3, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Makefile", - "Bytes": 18688, - "CodeBytes": 0, - "Lines": 484, - "Code": 309, - "Comment": 72, - "Blank": 103, - "Complexity": 12, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Rakefile", - "Bytes": 317, - "CodeBytes": 0, - "Lines": 10, - "Code": 5, - "Comment": 3, - "Blank": 2, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 145, - "CodeBytes": 0, - "Lines": 5, - "Code": 4, - "Comment": 1, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 106700, - "CodeBytes": 0, - "Lines": 444, - "Code": 444, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 15, - "CodeBytes": 0, - "Lines": 2, - "Code": 1, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 5818, - "CodeBytes": 0, - "Lines": 159, - "Code": 77, - "Comment": 45, - "Blank": 37, - "Complexity": 17, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Gemfile", - "Bytes": 3284, - "CodeBytes": 0, - "Lines": 122, - "Code": 66, - "Comment": 26, - "Blank": 30, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SQL", - "Bytes": 28, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "TypeScript", - "Bytes": 1016, - "CodeBytes": 0, - "Lines": 36, - "Code": 28, - "Comment": 1, - "Blank": 7, - "Complexity": 8, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 603554.3814499328, - "estimatedScheduleMonths_low": 11.757068712618173, - "estimatedPeople_low": 5.001115200766702, - "estimatedCost_high": 1880939.057831694, - "estimatedScheduleMonths_high": 11.757068712618173, - "estimatedPeople_high": 5.001115200766702, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nRuby 188 10161 1535 851 7775 270\n(ULOC) 5624\n-------------------------------------------------------------------------------\nTerraform 133 5734 738 1158 3838 361\n(ULOC) 2853\n-------------------------------------------------------------------------------\nMarkdown 52 2811 926 0 1885 0\n(ULOC) 1546\n-------------------------------------------------------------------------------\nYAML 48 3073 250 330 2493 0\n(ULOC) 1986\n-------------------------------------------------------------------------------\nRuby HTML 40 1227 122 0 1105 95\n(ULOC) 712\n-------------------------------------------------------------------------------\nBASH 32 1543 206 450 887 74\n(ULOC) 919\n-------------------------------------------------------------------------------\nJSON 18 849 1 0 848 0\n(ULOC) 293\n-------------------------------------------------------------------------------\nJavaScript 15 402 53 48 301 23\n(ULOC) 290\n-------------------------------------------------------------------------------\nShell 10 220 46 22 152 20\n(ULOC) 141\n-------------------------------------------------------------------------------\nPython 4 346 42 16 288 12\n(ULOC) 225\n-------------------------------------------------------------------------------\nHTML 3 200 15 3 182 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nPlain Text 3 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nSass 3 186 20 26 140 0\n(ULOC) 113\n-------------------------------------------------------------------------------\nGo 2 129 18 14 97 3\n(ULOC) 83\n-------------------------------------------------------------------------------\nMakefile 2 484 103 72 309 12\n(ULOC) 312\n-------------------------------------------------------------------------------\nRakefile 2 10 2 3 5 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nCSS 1 5 0 1 4 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nCSV 1 444 0 0 444 0\n(ULOC) 377\n-------------------------------------------------------------------------------\nDocker ignore 1 2 1 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDockerfile 1 159 37 45 77 17\n(ULOC) 106\n-------------------------------------------------------------------------------\nGemfile 1 122 30 26 66 0\n(ULOC) 90\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nSQL 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nTypeScript 1 36 7 1 28 8\n(ULOC) 24\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 563 28268 4164 3066 21038 895\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 15714\nDRYness % 0.56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $661,835\nEstimated Schedule Effort (organic) 11.76 months\nEstimated People Required (organic) 5.00\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 1118897 bytes, 1.119 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/iv-cbv-payroll", + "owner": "DSACMS", + "name": "iv-cbv-payroll", + "description": null, + "commits_count": 568, + "issues_count": 3, + "open_issues_count": 2, + "closed_issues_count": 1, + "pull_requests_count": 418, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 384, + "closed_pull_requests_count": 32, + "forks_count": 2, + "stargazers_count": 5, + "watchers_count": 4, + "created_at": "2024-04-22T22:34:18Z", + "predominant_langs": { + "Ruby": 364545, + "HCL": 178453, + "Shell": 64833, + "HTML": 54332, + "Makefile": 18688, + "JavaScript": 12152, + "Python": 11822, + "Dockerfile": 5818, + "Go": 4675, + "SCSS": 3992, + "TypeScript": 1016, + "CSS": 145 + }, + "commits_by_month": { + "2025/1": 12, + "2024/12": 18 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Ruby", + "Bytes": 354529, + "CodeBytes": 0, + "Lines": 10540, + "Code": 8083, + "Comment": 876, + "Blank": 1581, + "Complexity": 274, + "Count": 192, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Terraform", + "Bytes": 178453, + "CodeBytes": 0, + "Lines": 5738, + "Code": 3842, + "Comment": 1158, + "Blank": 738, + "Complexity": 361, + "Count": 133, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 147233, + "CodeBytes": 0, + "Lines": 2811, + "Code": 1885, + "Comment": 0, + "Blank": 926, + "Complexity": 0, + "Count": 52, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 133781, + "CodeBytes": 0, + "Lines": 3064, + "Code": 2483, + "Comment": 330, + "Blank": 251, + "Complexity": 0, + "Count": 48, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Ruby HTML", + "Bytes": 49270, + "CodeBytes": 0, + "Lines": 1226, + "Code": 1104, + "Comment": 0, + "Blank": 122, + "Complexity": 95, + "Count": 40, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "BASH", + "Bytes": 59979, + "CodeBytes": 0, + "Lines": 1543, + "Code": 887, + "Comment": 450, + "Blank": 206, + "Complexity": 74, + "Count": 32, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 24110, + "CodeBytes": 0, + "Lines": 849, + "Code": 848, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 18, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 12152, + "CodeBytes": 0, + "Lines": 402, + "Code": 301, + "Comment": 48, + "Blank": 53, + "Complexity": 23, + "Count": 15, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 4854, + "CodeBytes": 0, + "Lines": 220, + "Code": 152, + "Comment": 22, + "Blank": 46, + "Complexity": 20, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 11822, + "CodeBytes": 0, + "Lines": 346, + "Code": 288, + "Comment": 16, + "Blank": 42, + "Complexity": 12, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 5062, + "CodeBytes": 0, + "Lines": 200, + "Code": 182, + "Comment": 3, + "Blank": 15, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 110, + "CodeBytes": 0, + "Lines": 3, + "Code": 3, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Sass", + "Bytes": 3992, + "CodeBytes": 0, + "Lines": 186, + "Code": 140, + "Comment": 26, + "Blank": 20, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Go", + "Bytes": 4675, + "CodeBytes": 0, + "Lines": 129, + "Code": 97, + "Comment": 14, + "Blank": 18, + "Complexity": 3, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Makefile", + "Bytes": 18688, + "CodeBytes": 0, + "Lines": 484, + "Code": 309, + "Comment": 72, + "Blank": 103, + "Complexity": 12, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Rakefile", + "Bytes": 317, + "CodeBytes": 0, + "Lines": 10, + "Code": 5, + "Comment": 3, + "Blank": 2, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 145, + "CodeBytes": 0, + "Lines": 5, + "Code": 4, + "Comment": 1, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 106700, + "CodeBytes": 0, + "Lines": 444, + "Code": 444, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 15, + "CodeBytes": 0, + "Lines": 2, + "Code": 1, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 5818, + "CodeBytes": 0, + "Lines": 159, + "Code": 77, + "Comment": 45, + "Blank": 37, + "Complexity": 17, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Gemfile", + "Bytes": 3323, + "CodeBytes": 0, + "Lines": 125, + "Code": 68, + "Comment": 26, + "Blank": 31, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SQL", + "Bytes": 28, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "TypeScript", + "Bytes": 1016, + "CodeBytes": 0, + "Lines": 36, + "Code": 28, + "Comment": 1, + "Blank": 7, + "Complexity": 8, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 612684.9857311381, + "estimatedScheduleMonths_low": 11.824341716295827, + "estimatedPeople_low": 5.047888735669481, + "estimatedCost_high": 1909394.0086065796, + "estimatedScheduleMonths_high": 11.824341716295827, + "estimatedPeople_high": 5.047888735669481, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 192 10540 1581 876 8083 274\n(ULOC) 5755\n-------------------------------------------------------------------------------\nTerraform 133 5738 738 1158 3842 361\n(ULOC) 2855\n-------------------------------------------------------------------------------\nMarkdown 52 2811 926 0 1885 0\n(ULOC) 1546\n-------------------------------------------------------------------------------\nYAML 48 3064 251 330 2483 0\n(ULOC) 1983\n-------------------------------------------------------------------------------\nRuby HTML 40 1226 122 0 1104 95\n(ULOC) 711\n-------------------------------------------------------------------------------\nBASH 32 1543 206 450 887 74\n(ULOC) 919\n-------------------------------------------------------------------------------\nJSON 18 849 1 0 848 0\n(ULOC) 293\n-------------------------------------------------------------------------------\nJavaScript 15 402 53 48 301 23\n(ULOC) 290\n-------------------------------------------------------------------------------\nShell 10 220 46 22 152 20\n(ULOC) 141\n-------------------------------------------------------------------------------\nPython 4 346 42 16 288 12\n(ULOC) 225\n-------------------------------------------------------------------------------\nHTML 3 200 15 3 182 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nPlain Text 3 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nSass 3 186 20 26 140 0\n(ULOC) 113\n-------------------------------------------------------------------------------\nGo 2 129 18 14 97 3\n(ULOC) 83\n-------------------------------------------------------------------------------\nMakefile 2 484 103 72 309 12\n(ULOC) 312\n-------------------------------------------------------------------------------\nRakefile 2 10 2 3 5 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nCSS 1 5 0 1 4 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nCSV 1 444 0 0 444 0\n(ULOC) 377\n-------------------------------------------------------------------------------\nDocker ignore 1 2 1 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDockerfile 1 159 37 45 77 17\n(ULOC) 106\n-------------------------------------------------------------------------------\nGemfile 1 125 31 26 68 0\n(ULOC) 92\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nSQL 1 1 0 0 1 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nTypeScript 1 36 7 1 28 8\n(ULOC) 24\n───────────────────────────────────────────────────────────────────────────────\nTotal 567 28644 4212 3091 21341 899\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 15845\nDRYness % 0.55\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $671,847\nEstimated Schedule Effort (organic) 11.82 months\nEstimated People Required (organic) 5.05\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1133120 bytes, 1.133 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:18:55Z", + "repo": { + "name": "github.com/DSACMS/iv-cbv-payroll", + "commit": "57b5e24c3eac8003a95b862c54b84be5c15dc206" }, - "ossf_scorecard": { - "date": "2025-01-19T13:18:55Z", - "repo": { - "name": "github.com/DSACMS/iv-cbv-payroll", - "commit": "57b5e24c3eac8003a95b862c54b84be5c15dc206" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.2, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 3, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "28 out of 28 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 27/29 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 14 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 4, - "reason": "SAST tool is not run on all commits -- score normalized to 4", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "12 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 27123, - "average_project_lines": 49, - "total_project_comment_lines": 3026, - "average_project_comment_lines": 5, - "total_project_blank_lines": 4038, - "average_blank_lines": 7, - "average_issue_resolution_time": [ - [ - "iv-cbv-payroll", - "40 days 05:34:32" - ] + "score": 5.2, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 3, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "28 out of 28 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 27/29 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 14 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 4, + "reason": "SAST tool is not run on all commits -- score normalized to 4", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "12 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "total_project_lines": 27123, + "average_project_lines": 49, + "total_project_comment_lines": 3026, + "average_project_comment_lines": 5, + "total_project_blank_lines": 4038, + "average_blank_lines": 7, + "average_issue_resolution_time": [ + [ + "iv-cbv-payroll", + "40 days 05:34:32" + ] + ], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-12T00:00:00.000Z", + 4 + ], + [ + "2024-09-30T00:00:00.000Z", + 1 + ], + [ + "2024-11-01T00:00:00.000Z", + 1 + ], + [ + "2024-11-12T00:00:00.000Z", + 1 + ], + [ + "2024-11-19T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-08-16T00:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "repo_dependency_libyear_list": [ + [ + "@axe-core/playwright", + 0.0164383562, + "2024-11-01T01:17:48.000" + ], + [ + "@playwright/test", + -0.0191780822, + "2024-11-01T01:17:48.000" ], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-12T00:00:00.000Z", - 4 - ], - [ - "2024-09-30T00:00:00.000Z", - 1 - ], - [ - "2024-11-01T00:00:00.000Z", - 1 - ], - [ - "2024-11-12T00:00:00.000Z", - 1 - ], - [ - "2024-11-19T00:00:00.000Z", - 1 - ] + [ + "@types/node", + -0.002739726, + "2024-11-01T01:17:48.000" ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-08-16T00:00:00.000Z", - 1 - ] + [ + "dotenv", + 0.0, + "2024-11-01T01:17:48.000" ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "repo_dependency_libyear_list": [ - [ - "@axe-core/playwright", - 0.0164383562, - "2024-11-01T01:17:48.000" - ], - [ - "@playwright/test", - -0.0191780822, - "2024-11-01T01:17:48.000" - ], - [ - "@types/node", - -0.002739726, - "2024-11-01T01:17:48.000" - ], - [ - "dotenv", - 0.0, - "2024-11-01T01:17:48.000" - ], - [ - "pg8000", - 0.0, - "2024-12-17T15:56:00.000" - ] + [ + "pg8000", + 0.0, + "2024-12-17T15:56:00.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/DSACMS/iv-verify/iv-verify_data.json b/app/site/_data/DSACMS/iv-verify/iv-verify_data.json index 65da4e7350..6b80e133a7 100644 --- a/app/site/_data/DSACMS/iv-verify/iv-verify_data.json +++ b/app/site/_data/DSACMS/iv-verify/iv-verify_data.json @@ -1,615 +1,615 @@ { - "url": "https://github.com/DSACMS/iv-verify", - "owner": "DSACMS", - "name": "iv-verify", - "description": null, - "commits_count": 452, - "issues_count": 1, - "open_issues_count": 0, - "closed_issues_count": 1, - "pull_requests_count": 84, - "open_pull_requests_count": 8, - "merged_pull_requests_count": 75, - "closed_pull_requests_count": 1, - "forks_count": 1, - "stargazers_count": 3, - "watchers_count": 4, - "created_at": "2024-05-30T22:51:47Z", - "predominant_langs": { - "TypeScript": 152828, - "CSS": 5948, - "JavaScript": 4965, - "Dockerfile": 629 - }, - "commits_by_month": { - "2024/11": 23, - "2024/10": 7 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "TypeScript", - "Bytes": 155453, - "CodeBytes": 0, - "Lines": 4882, - "Code": 4066, - "Comment": 185, - "Blank": 631, - "Complexity": 162, - "Count": 90, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 41215, - "CodeBytes": 0, - "Lines": 814, - "Code": 554, - "Comment": 0, - "Blank": 260, - "Complexity": 0, - "Count": 14, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 16076, - "CodeBytes": 0, - "Lines": 426, - "Code": 261, - "Comment": 118, - "Blank": 47, - "Complexity": 0, - "Count": 8, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 22202, - "CodeBytes": 0, - "Lines": 374, - "Code": 374, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 4965, - "CodeBytes": 0, - "Lines": 151, - "Code": 121, - "Comment": 4, - "Blank": 26, - "Complexity": 19, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 5948, - "CodeBytes": 0, - "Lines": 331, - "Code": 283, - "Comment": 3, - "Blank": 45, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 2004, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Docker ignore", - "Bytes": 17, - "CodeBytes": 0, - "Lines": 2, - "Code": 2, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Dockerfile", - "Bytes": 629, - "CodeBytes": 0, - "Lines": 25, - "Code": 10, - "Comment": 8, - "Blank": 7, - "Complexity": 1, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7047, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 155504.7736289313, - "estimatedScheduleMonths_low": 7.022462639461478, - "estimatedPeople_low": 2.1572664833055706, - "estimatedCost_high": 484620.7920738895, - "estimatedScheduleMonths_high": 7.022462639461478, - "estimatedPeople_high": 2.1572664833055706, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTypeScript 90 4882 631 185 4066 162\n(ULOC) 2192\n-------------------------------------------------------------------------------\nMarkdown 14 814 260 0 554 0\n(ULOC) 473\n-------------------------------------------------------------------------------\nYAML 8 426 47 118 261 0\n(ULOC) 289\n-------------------------------------------------------------------------------\nJSON 7 374 0 0 374 0\n(ULOC) 345\n-------------------------------------------------------------------------------\nJavaScript 4 151 26 4 121 19\n(ULOC) 112\n-------------------------------------------------------------------------------\nCSS 2 331 45 3 283 0\n(ULOC) 211\n-------------------------------------------------------------------------------\nSVG 2 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDocker ignore 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDockerfile 1 25 7 8 10 1\n(ULOC) 17\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 130 7128 1028 318 5782 182\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 3721\nDRYness % 0.52\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $170,520\nEstimated Schedule Effort (organic) 7.02 months\nEstimated People Required (organic) 2.16\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 255556 bytes, 0.256 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/iv-verify", + "owner": "DSACMS", + "name": "iv-verify", + "description": null, + "commits_count": 452, + "issues_count": 1, + "open_issues_count": 0, + "closed_issues_count": 1, + "pull_requests_count": 84, + "open_pull_requests_count": 8, + "merged_pull_requests_count": 75, + "closed_pull_requests_count": 1, + "forks_count": 1, + "stargazers_count": 3, + "watchers_count": 4, + "created_at": "2024-05-30T22:51:47Z", + "predominant_langs": { + "TypeScript": 152828, + "CSS": 5948, + "JavaScript": 4965, + "Dockerfile": 629 + }, + "commits_by_month": { + "2024/11": 23, + "2024/10": 7 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "TypeScript", + "Bytes": 155453, + "CodeBytes": 0, + "Lines": 4882, + "Code": 4066, + "Comment": 185, + "Blank": 631, + "Complexity": 162, + "Count": 90, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 41215, + "CodeBytes": 0, + "Lines": 814, + "Code": 554, + "Comment": 0, + "Blank": 260, + "Complexity": 0, + "Count": 14, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 16076, + "CodeBytes": 0, + "Lines": 426, + "Code": 261, + "Comment": 118, + "Blank": 47, + "Complexity": 0, + "Count": 8, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 22202, + "CodeBytes": 0, + "Lines": 374, + "Code": 374, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 4965, + "CodeBytes": 0, + "Lines": 151, + "Code": 121, + "Comment": 4, + "Blank": 26, + "Complexity": 19, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 5948, + "CodeBytes": 0, + "Lines": 331, + "Code": 283, + "Comment": 3, + "Blank": 45, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 2004, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Docker ignore", + "Bytes": 17, + "CodeBytes": 0, + "Lines": 2, + "Code": 2, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Dockerfile", + "Bytes": 629, + "CodeBytes": 0, + "Lines": 25, + "Code": 10, + "Comment": 8, + "Blank": 7, + "Complexity": 1, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7047, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 155504.7736289313, + "estimatedScheduleMonths_low": 7.022462639461478, + "estimatedPeople_low": 2.1572664833055706, + "estimatedCost_high": 484620.7920738895, + "estimatedScheduleMonths_high": 7.022462639461478, + "estimatedPeople_high": 2.1572664833055706, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 90 4882 631 185 4066 162\n(ULOC) 2192\n-------------------------------------------------------------------------------\nMarkdown 14 814 260 0 554 0\n(ULOC) 473\n-------------------------------------------------------------------------------\nYAML 8 426 47 118 261 0\n(ULOC) 289\n-------------------------------------------------------------------------------\nJSON 7 374 0 0 374 0\n(ULOC) 345\n-------------------------------------------------------------------------------\nJavaScript 4 151 26 4 121 19\n(ULOC) 112\n-------------------------------------------------------------------------------\nCSS 2 331 45 3 283 0\n(ULOC) 211\n-------------------------------------------------------------------------------\nSVG 2 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDocker ignore 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDockerfile 1 25 7 8 10 1\n(ULOC) 17\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 130 7128 1028 318 5782 182\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3721\nDRYness % 0.52\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $170,520\nEstimated Schedule Effort (organic) 7.02 months\nEstimated People Required (organic) 2.16\n───────────────────────────────────────────────────────────────────────────────\nProcessed 255556 bytes, 0.256 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:19:32Z", + "repo": { + "name": "github.com/DSACMS/iv-verify", + "commit": "d73781c913bee97f203b91cbb7b9d2dcd642e3fb" }, - "ossf_scorecard": { - "date": "2025-01-19T13:19:32Z", - "repo": { - "name": "github.com/DSACMS/iv-verify", - "commit": "d73781c913bee97f203b91cbb7b9d2dcd642e3fb" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "4 out of 4 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/17 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "26 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": 10, - "reason": "packaging workflow detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 3, - "reason": "dependency not pinned by hash detected -- score normalized to 3", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 4, - "reason": "6 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 7020, - "average_project_lines": 54, - "total_project_comment_lines": 317, - "average_project_comment_lines": 2, - "total_project_blank_lines": 1002, - "average_blank_lines": 8, - "average_issue_resolution_time": [ - [ - "iv-verify", - "00:08:20" - ] - ], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-27T00:00:00.000Z", - 1 - ], - [ - "2024-08-29T00:00:00.000Z", - 1 - ], - [ - "2024-09-04T00:00:00.000Z", - 2 - ], - [ - "2024-09-11T00:00:00.000Z", - 1 - ], - [ - "2024-10-01T00:00:00.000Z", - 1 - ], - [ - "2024-10-03T00:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "repo_dependency_libyear_list": [ - [ - "@reduxjs/toolkit", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@testing-library/react", - 0.5808219178, - "2024-12-17T15:55:58.000" - ], - [ - "@trussworks/react-uswds", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@types/node", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@types/react", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@types/react-dom", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@types/uuid", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@vitejs/plugin-react", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "@vitest/coverage-v8", - 0.5808219178, - "2024-12-17T15:55:58.000" - ], - [ - "cypress", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "eslint", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "eslint-config-next", - 0.6301369863, - "2024-12-17T15:55:58.000" - ], - [ - "eslint-plugin-i18next", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "eslint-plugin-unused-imports", - 0.3698630137, - "2024-12-17T15:55:58.000" - ], - [ - "i18next", - 0.0712328767, - "2024-12-17T15:55:58.000" - ], - [ - "i18next-browser-languagedetector", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "i18next-resources-to-backend", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "jsdom", - 0.0739726027, - "2024-12-17T15:55:58.000" - ], - [ - "next", - 0.1917808219, - "2024-12-17T15:55:58.000" - ], - [ - "next-i18n-router", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "next-i18next", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "next-router-mock", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "pa11y-ci", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "pdf-lib", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "react", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "react-cookie", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "react-dom", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "react-hook-form", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "react-i18next", - 0.4082191781, - "2024-12-17T15:55:58.000" - ], - [ - "react-redux", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "redux-mock-store", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "sharp", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "start-server-and-test", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "typescript", - 0.0, - "2024-12-17T15:55:58.000" - ], - [ - "uuid", - 0.4219178082, - "2024-12-17T15:55:58.000" - ], - [ - "vite-tsconfig-paths", - 0.7315068493, - "2024-12-17T15:55:58.000" - ], - [ - "vitest", - 0.5808219178, - "2024-12-17T15:55:58.000" - ] + "score": 5.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "4 out of 4 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/17 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "26 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": 10, + "reason": "packaging workflow detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 3, + "reason": "dependency not pinned by hash detected -- score normalized to 3", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 4, + "reason": "6 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "total_project_lines": 7020, + "average_project_lines": 54, + "total_project_comment_lines": 317, + "average_project_comment_lines": 2, + "total_project_blank_lines": 1002, + "average_blank_lines": 8, + "average_issue_resolution_time": [ + [ + "iv-verify", + "00:08:20" + ] + ], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-27T00:00:00.000Z", + 1 + ], + [ + "2024-08-29T00:00:00.000Z", + 1 + ], + [ + "2024-09-04T00:00:00.000Z", + 2 + ], + [ + "2024-09-11T00:00:00.000Z", + 1 + ], + [ + "2024-10-01T00:00:00.000Z", + 1 + ], + [ + "2024-10-03T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "repo_dependency_libyear_list": [ + [ + "@reduxjs/toolkit", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@testing-library/react", + 0.5808219178, + "2024-12-17T15:55:58.000" + ], + [ + "@trussworks/react-uswds", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@types/node", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@types/react", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@types/react-dom", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@types/uuid", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@vitejs/plugin-react", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "@vitest/coverage-v8", + 0.5808219178, + "2024-12-17T15:55:58.000" + ], + [ + "cypress", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "eslint", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "eslint-config-next", + 0.6301369863, + "2024-12-17T15:55:58.000" + ], + [ + "eslint-plugin-i18next", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "eslint-plugin-unused-imports", + 0.3698630137, + "2024-12-17T15:55:58.000" + ], + [ + "i18next", + 0.0712328767, + "2024-12-17T15:55:58.000" + ], + [ + "i18next-browser-languagedetector", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "i18next-resources-to-backend", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "jsdom", + 0.0739726027, + "2024-12-17T15:55:58.000" + ], + [ + "next", + 0.1917808219, + "2024-12-17T15:55:58.000" + ], + [ + "next-i18n-router", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "next-i18next", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "next-router-mock", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "pa11y-ci", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "pdf-lib", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "react", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "react-cookie", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "react-dom", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "react-hook-form", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "react-i18next", + 0.4082191781, + "2024-12-17T15:55:58.000" + ], + [ + "react-redux", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "redux-mock-store", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "sharp", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "start-server-and-test", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "typescript", + 0.0, + "2024-12-17T15:55:58.000" + ], + [ + "uuid", + 0.4219178082, + "2024-12-17T15:55:58.000" + ], + [ + "vite-tsconfig-paths", + 0.7315068493, + "2024-12-17T15:55:58.000" + ], + [ + "vitest", + 0.5808219178, + "2024-12-17T15:55:58.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/DSACMS/metrics/metrics_data.json b/app/site/_data/DSACMS/metrics/metrics_data.json index 07d6dbc791..f33ed9306b 100644 --- a/app/site/_data/DSACMS/metrics/metrics_data.json +++ b/app/site/_data/DSACMS/metrics/metrics_data.json @@ -1,596 +1,596 @@ { - "url": "https://github.com/DSACMS/metrics", - "owner": "DSACMS", - "name": "metrics", - "description": "Experimentations in Open Source Repository Metrics", - "commits_count": 1832, - "issues_count": 51, - "open_issues_count": 21, - "closed_issues_count": 30, - "pull_requests_count": 261, - "open_pull_requests_count": 17, - "merged_pull_requests_count": 184, - "closed_pull_requests_count": 60, - "forks_count": 3, - "stargazers_count": 7, - "watchers_count": 4, - "total_project_lines": 184504, - "average_project_lines": 59, - "total_project_comment_lines": 680, - "average_project_comment_lines": 0, - "total_project_blank_lines": 1001, - "average_blank_lines": 0, - "commits_by_month": { - "2025/1": 30 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-11T00:00:00.000Z", - 1 - ], - [ - "2024-08-13T00:00:00.000Z", - 2 - ], - [ - "2024-08-14T00:00:00.000Z", - 1 - ], - [ - "2024-09-20T00:00:00.000Z", - 1 - ], - [ - "2024-09-30T00:00:00.000Z", - 1 - ], - [ - "2024-10-03T00:00:00.000Z", - 1 - ], - [ - "2024-10-10T00:00:00.000Z", - 1 - ], - [ - "2024-10-11T00:00:00.000Z", - 1 - ], - [ - "2024-10-15T00:00:00.000Z", - 1 - ], - [ - "2024-11-25T00:00:00.000Z", - 1 - ] - ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "project_type": "Website", - "user_input": "No", - "project_fisma_level": "Moderate", - "group": "CMS/OA/DSAC", - "subset_in_healthcare": "Operational", - "user_type": "Government", - "repository_host": "Github.com", - "maturity_model_tier": "3", - "cocomo": { - "languageSummary": [ - { - "Name": "SVG", - "Bytes": 49802686, - "CodeBytes": 0, - "Lines": 11007, - "Code": 11007, - "Comment": 0, - "Blank": 0, - "Complexity": 5266, - "Count": 2591, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 2006839, - "CodeBytes": 0, - "Lines": 35227, - "Code": 34451, - "Comment": 0, - "Blank": 776, - "Complexity": 0, - "Count": 266, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 6009958, - "CodeBytes": 0, - "Lines": 138883, - "Code": 138882, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 253, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 36283, - "CodeBytes": 0, - "Lines": 954, - "Code": 755, - "Comment": 56, - "Blank": 143, - "Complexity": 69, - "Count": 12, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 23898, - "CodeBytes": 0, - "Lines": 662, - "Code": 486, - "Comment": 111, - "Blank": 65, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 4384, - "CodeBytes": 0, - "Lines": 119, - "Code": 72, - "Comment": 21, - "Blank": 26, - "Complexity": 5, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 4783, - "CodeBytes": 0, - "Lines": 134, - "Code": 79, - "Comment": 23, - "Blank": 32, - "Complexity": 15, - "Count": 5, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 11494, - "CodeBytes": 0, - "Lines": 749, - "Code": 607, - "Comment": 9, - "Blank": 133, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 63, - "CodeBytes": 0, - "Lines": 6, - "Code": 6, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 5962046.585848889, - "estimatedScheduleMonths_low": 28.072239503658928, - "estimatedPeople_low": 20.690348828873173, - "estimatedCost_high": 18580341.113579575, - "estimatedScheduleMonths_high": 28.072239503658928, - "estimatedPeople_high": 20.690348828873173, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nSVG 2591 11007 0 0 11007 5266\n(ULOC) 8386\n-------------------------------------------------------------------------------\nMarkdown 266 35227 776 0 34451 0\n(ULOC) 4649\n-------------------------------------------------------------------------------\nJSON 253 138883 1 0 138882 0\n(ULOC) 14592\n-------------------------------------------------------------------------------\nJavaScript 12 954 143 56 755 69\n(ULOC) 628\n-------------------------------------------------------------------------------\nYAML 9 662 65 111 486 0\n(ULOC) 402\n-------------------------------------------------------------------------------\nPython 7 119 26 21 72 5\n(ULOC) 71\n-------------------------------------------------------------------------------\nShell 5 134 32 23 79 15\n(ULOC) 76\n-------------------------------------------------------------------------------\nCSS 1 749 133 9 607 0\n(ULOC) 319\n-------------------------------------------------------------------------------\nPlain Text 1 6 0 0 6 0\n(ULOC) 7\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 3145 187741 1176 220 186345 5355\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 29106\nDRYness % 0.16\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $6,537,759\nEstimated Schedule Effort (organic) 28.07 months\nEstimated People Required (organic) 20.69\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 57900388 bytes, 57.900 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-07-18T14:10:58Z", - "ossf_scorecard": { - "date": "2025-01-19T13:18:20Z", - "repo": { - "name": "github.com/DSACMS/metrics", - "commit": "419d37de86f71b271d761708e2c7931eabb4a9ad" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.8, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 6, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 13 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 10, - "reason": "update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 1, - "reason": "dependency not pinned by hash detected -- score normalized to 1", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool detected: CodeQL", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "10 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "url": "https://github.com/DSACMS/metrics", + "owner": "DSACMS", + "name": "metrics", + "description": "Experimentations in Open Source Repository Metrics", + "commits_count": 1832, + "issues_count": 51, + "open_issues_count": 21, + "closed_issues_count": 30, + "pull_requests_count": 261, + "open_pull_requests_count": 17, + "merged_pull_requests_count": 184, + "closed_pull_requests_count": 60, + "forks_count": 3, + "stargazers_count": 7, + "watchers_count": 4, + "total_project_lines": 184504, + "average_project_lines": 59, + "total_project_comment_lines": 680, + "average_project_comment_lines": 0, + "total_project_blank_lines": 1001, + "average_blank_lines": 0, + "commits_by_month": { + "2025/1": 30 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-11T00:00:00.000Z", + 1 + ], + [ + "2024-08-13T00:00:00.000Z", + 2 + ], + [ + "2024-08-14T00:00:00.000Z", + 1 + ], + [ + "2024-09-20T00:00:00.000Z", + 1 + ], + [ + "2024-09-30T00:00:00.000Z", + 1 + ], + [ + "2024-10-03T00:00:00.000Z", + 1 + ], + [ + "2024-10-10T00:00:00.000Z", + 1 + ], + [ + "2024-10-11T00:00:00.000Z", + 1 + ], + [ + "2024-10-15T00:00:00.000Z", + 1 + ], + [ + "2024-11-25T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "project_type": "Website", + "user_input": "No", + "project_fisma_level": "Moderate", + "group": "CMS/OA/DSAC", + "subset_in_healthcare": "Operational", + "user_type": "Government", + "repository_host": "Github.com", + "maturity_model_tier": "3", + "cocomo": { + "languageSummary": [ + { + "Name": "SVG", + "Bytes": 49756996, + "CodeBytes": 0, + "Lines": 11007, + "Code": 11007, + "Comment": 0, + "Blank": 0, + "Complexity": 5266, + "Count": 2591, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 2010484, + "CodeBytes": 0, + "Lines": 35227, + "Code": 34451, + "Comment": 0, + "Blank": 776, + "Complexity": 0, + "Count": 266, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 5996325, + "CodeBytes": 0, + "Lines": 138456, + "Code": 138455, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 253, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 36283, + "CodeBytes": 0, + "Lines": 954, + "Code": 755, + "Comment": 56, + "Blank": 143, + "Complexity": 69, + "Count": 12, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 23898, + "CodeBytes": 0, + "Lines": 662, + "Code": 486, + "Comment": 111, + "Blank": 65, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 4384, + "CodeBytes": 0, + "Lines": 119, + "Code": 72, + "Comment": 21, + "Blank": 26, + "Complexity": 5, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 4783, + "CodeBytes": 0, + "Lines": 134, + "Code": 79, + "Comment": 23, + "Blank": 32, + "Complexity": 15, + "Count": 5, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 11494, + "CodeBytes": 0, + "Lines": 749, + "Code": 607, + "Comment": 9, + "Blank": 133, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 63, + "CodeBytes": 0, + "Lines": 6, + "Code": 6, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 5947702.598381125, + "estimatedScheduleMonths_low": 28.04655569672592, + "estimatedPeople_low": 20.659471997040978, + "estimatedCost_high": 18535638.983825583, + "estimatedScheduleMonths_high": 28.04655569672592, + "estimatedPeople_high": 20.659471997040978, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSVG 2591 11007 0 0 11007 5266\n(ULOC) 8386\n-------------------------------------------------------------------------------\nMarkdown 266 35227 776 0 34451 0\n(ULOC) 4866\n-------------------------------------------------------------------------------\nJSON 253 138456 1 0 138455 0\n(ULOC) 14584\n-------------------------------------------------------------------------------\nJavaScript 12 954 143 56 755 69\n(ULOC) 628\n-------------------------------------------------------------------------------\nYAML 9 662 65 111 486 0\n(ULOC) 402\n-------------------------------------------------------------------------------\nPython 7 119 26 21 72 5\n(ULOC) 71\n-------------------------------------------------------------------------------\nShell 5 134 32 23 79 15\n(ULOC) 76\n-------------------------------------------------------------------------------\nCSS 1 749 133 9 607 0\n(ULOC) 319\n-------------------------------------------------------------------------------\nPlain Text 1 6 0 0 6 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 3145 187314 1176 220 185918 5355\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 29315\nDRYness % 0.16\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $6,522,030\nEstimated Schedule Effort (organic) 28.05 months\nEstimated People Required (organic) 20.66\n───────────────────────────────────────────────────────────────────────────────\nProcessed 57844710 bytes, 57.845 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-07-18T14:10:58Z", + "ossf_scorecard": { + "date": "2025-01-19T13:18:20Z", + "repo": { + "name": "github.com/DSACMS/metrics", + "commit": "419d37de86f71b271d761708e2c7931eabb4a9ad" }, - "predominant_langs": { - "Liquid": 53436, - "JavaScript": 36283, - "CSS": 11494, - "Shell": 4783, - "Python": 4384 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "projectType": "Website", - "userInput": "No", - "fismaLevel": "Low", - "subsetInHealthcare": "Operational", - "userType": "Government", - "repositoryHost": "Github.com", - "maturityModelTier": "3", - "average_issue_resolution_time": [ - [ - "metrics", - "57 days 15:58:51.210526" - ] - ], - "repo_dependency_libyear_list": [ - [ - "@11ty/eleventy", - 1.4328767123, - "2024-11-15T20:30:23.000" - ], - [ - "@11ty/eleventy-img", - 0.9178082192, - "2024-11-15T20:30:23.000" - ], - [ - "@fullhuman/postcss-purgecss", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "@grimlink/eleventy-plugin-lucide-icons", - 1.0301369863, - "2024-11-15T20:30:23.000" - ], - [ - "@rollup/plugin-babel", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "@rollup/plugin-commonjs", - 0.4, - "2024-11-15T20:30:23.000" - ], - [ - "@rollup/plugin-node-resolve", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "@rollup/plugin-terser", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "@shopify/prettier-plugin-liquid", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "@uswds/uswds", - 0.1068493151, - "2024-11-15T20:30:23.000" - ], - [ - "autoprefixer", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "cssnano", - 0.4438356164, - "2024-11-15T20:30:23.000" - ], - [ - "dompurify", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "dotenv", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "eslint", - 0.1643835616, - "2024-11-15T20:30:23.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "markdown-it", - 0.4767123288, - "2024-11-15T20:30:23.000" - ], - [ - "markdown-it-link-attributes", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "npm-run-all", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "pandas", - 0.0, - "2025-01-01T23:38:33.000" - ], - [ - "postcss", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "postcss-cli", - 1.0164383562, - "2024-11-15T20:30:23.000" - ], - [ - "postcss-import", - 1.2821917808, - "2024-11-15T20:30:23.000" - ], - [ - "prettier", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "prettier-eslint", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "purgecss-from-html", - 0.0, - "2024-11-15T20:30:23.000" - ], - [ - "pygal", - 0.0, - "2025-01-01T23:38:33.000" - ], - [ - "pylint", - 0.0, - "2025-01-01T23:38:33.000" - ], - [ - "pytest", - 0.0, - "2025-01-01T23:38:33.000" - ], - [ - "requests", - 0.0, - "2025-01-01T23:38:33.000" - ] + "score": 5.8, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 6, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 13 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 10, + "reason": "update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 1, + "reason": "dependency not pinned by hash detected -- score normalized to 1", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool detected: CodeQL", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "10 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Liquid": 53436, + "JavaScript": 36283, + "CSS": 11494, + "Shell": 4783, + "Python": 4384 + }, + "projectType": "Website", + "userInput": "No", + "fismaLevel": "Low", + "subsetInHealthcare": "Operational", + "userType": "Government", + "repositoryHost": "Github.com", + "maturityModelTier": "3", + "average_issue_resolution_time": [ + [ + "metrics", + "57 days 15:58:51.210526" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@11ty/eleventy", + 1.4328767123, + "2024-11-15T20:30:23.000" + ], + [ + "@11ty/eleventy-img", + 0.9178082192, + "2024-11-15T20:30:23.000" + ], + [ + "@fullhuman/postcss-purgecss", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "@grimlink/eleventy-plugin-lucide-icons", + 1.0301369863, + "2024-11-15T20:30:23.000" + ], + [ + "@rollup/plugin-babel", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "@rollup/plugin-commonjs", + 0.4, + "2024-11-15T20:30:23.000" + ], + [ + "@rollup/plugin-node-resolve", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "@rollup/plugin-terser", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "@shopify/prettier-plugin-liquid", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "@uswds/uswds", + 0.1068493151, + "2024-11-15T20:30:23.000" + ], + [ + "autoprefixer", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "cssnano", + 0.4438356164, + "2024-11-15T20:30:23.000" + ], + [ + "dompurify", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "dotenv", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "eslint", + 0.1643835616, + "2024-11-15T20:30:23.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "markdown-it", + 0.4767123288, + "2024-11-15T20:30:23.000" + ], + [ + "markdown-it-link-attributes", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "npm-run-all", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "pandas", + 0.0, + "2025-01-01T23:38:33.000" + ], + [ + "postcss", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "postcss-cli", + 1.0164383562, + "2024-11-15T20:30:23.000" + ], + [ + "postcss-import", + 1.2821917808, + "2024-11-15T20:30:23.000" + ], + [ + "prettier", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "prettier-eslint", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "purgecss-from-html", + 0.0, + "2024-11-15T20:30:23.000" + ], + [ + "pygal", + 0.0, + "2025-01-01T23:38:33.000" + ], + [ + "pylint", + 0.0, + "2025-01-01T23:38:33.000" + ], + [ + "pytest", + 0.0, + "2025-01-01T23:38:33.000" + ], + [ + "requests", + 0.0, + "2025-01-01T23:38:33.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/DSACMS/mural-ollama/mural-ollama_data.json b/app/site/_data/DSACMS/mural-ollama/mural-ollama_data.json index ab6f3765ab..7ba11027e8 100644 --- a/app/site/_data/DSACMS/mural-ollama/mural-ollama_data.json +++ b/app/site/_data/DSACMS/mural-ollama/mural-ollama_data.json @@ -1,335 +1,335 @@ { - "url": "https://github.com/DSACMS/mural-ollama", - "owner": "DSACMS", - "name": "mural-ollama", - "description": "Multimodal LLM Mural Assistant with Ollama", - "commits_count": 4, - "issues_count": 1, - "open_issues_count": 1, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 1, - "watchers_count": 1, - "created_at": "2024-08-12T21:12:38Z", - "predominant_langs": { - "Python": 18191 - }, - "group": "CMS/OA/DSAC", - "commits_by_month": { - "2024/8": 4 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "JSON", - "Bytes": 21103, - "CodeBytes": 0, - "Lines": 834, - "Code": 834, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Markdown", - "Bytes": 10420, - "CodeBytes": 0, - "Lines": 258, - "Code": 173, - "Comment": 0, - "Blank": 85, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 18191, - "CodeBytes": 0, - "Lines": 492, - "Code": 413, - "Comment": 4, - "Blank": 75, - "Complexity": 30, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7047, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2975, - "CodeBytes": 0, - "Lines": 71, - "Code": 25, - "Comment": 37, - "Blank": 9, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 39136.79873440436, - "estimatedScheduleMonths_low": 4.157279610571663, - "estimatedPeople_low": 0.9171187482092203, - "estimatedCost_high": 121967.35803854937, - "estimatedScheduleMonths_high": 4.157279610571663, - "estimatedPeople_high": 0.9171187482092203, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nJSON 3 834 0 0 834 0\n(ULOC) 163\n-------------------------------------------------------------------------------\nMarkdown 3 258 85 0 173 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nPython 3 492 75 4 413 30\n(ULOC) 343\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 71 9 37 25 0\n(ULOC) 56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 1776 181 41 1554 30\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 801\nDRYness % 0.45\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $42,915\nEstimated Schedule Effort (organic) 4.16 months\nEstimated People Required (organic) 0.92\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 59736 bytes, 0.060 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/mural-ollama", + "owner": "DSACMS", + "name": "mural-ollama", + "description": "Multimodal LLM Mural Assistant with Ollama", + "commits_count": 4, + "issues_count": 1, + "open_issues_count": 1, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 1, + "watchers_count": 1, + "created_at": "2024-08-12T21:12:38Z", + "predominant_langs": { + "Python": 18191 + }, + "group": "CMS/OA/DSAC", + "commits_by_month": { + "2024/8": 4 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "JSON", + "Bytes": 21103, + "CodeBytes": 0, + "Lines": 834, + "Code": 834, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Markdown", + "Bytes": 10420, + "CodeBytes": 0, + "Lines": 258, + "Code": 173, + "Comment": 0, + "Blank": 85, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 18191, + "CodeBytes": 0, + "Lines": 492, + "Code": 413, + "Comment": 4, + "Blank": 75, + "Complexity": 30, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7047, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2975, + "CodeBytes": 0, + "Lines": 71, + "Code": 25, + "Comment": 37, + "Blank": 9, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 39136.79873440436, + "estimatedScheduleMonths_low": 4.157279610571663, + "estimatedPeople_low": 0.9171187482092203, + "estimatedCost_high": 121967.35803854937, + "estimatedScheduleMonths_high": 4.157279610571663, + "estimatedPeople_high": 0.9171187482092203, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 3 834 0 0 834 0\n(ULOC) 163\n-------------------------------------------------------------------------------\nMarkdown 3 258 85 0 173 0\n(ULOC) 134\n-------------------------------------------------------------------------------\nPython 3 492 75 4 413 30\n(ULOC) 343\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 71 9 37 25 0\n(ULOC) 56\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 1776 181 41 1554 30\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 801\nDRYness % 0.45\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $42,915\nEstimated Schedule Effort (organic) 4.16 months\nEstimated People Required (organic) 0.92\n───────────────────────────────────────────────────────────────────────────────\nProcessed 59736 bytes, 0.060 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:19:30Z", + "repo": { + "name": "github.com/DSACMS/mural-ollama", + "commit": "d85d8e8032d05d82f2fb46d9a369ce37de980b4d" }, - "ossf_scorecard": { - "date": "2025-01-19T13:19:30Z", - "repo": { - "name": "github.com/DSACMS/mural-ollama", - "commit": "d85d8e8032d05d82f2fb46d9a369ce37de980b4d" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/4 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 1776, - "average_project_lines": 161, - "total_project_comment_lines": 41, - "average_project_comment_lines": 4, - "total_project_blank_lines": 181, - "average_blank_lines": 16, - "average_issue_resolution_time": [], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-12T00:00:00.000Z", - 1 - ], - [ - "2024-08-13T00:00:00.000Z", - 1 - ] + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/4 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-08-14T00:00:00.000Z", - 1 - ] + "metadata": null + }, + "total_project_lines": 1776, + "average_project_lines": 161, + "total_project_comment_lines": 41, + "average_project_comment_lines": 4, + "total_project_blank_lines": 181, + "average_blank_lines": 16, + "average_issue_resolution_time": [], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-12T00:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "repo_dependency_libyear_list": [] -} \ No newline at end of file + [ + "2024-08-13T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-08-14T00:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/open/open_data.json b/app/site/_data/DSACMS/open/open_data.json index 7d778b0e14..8efc030404 100644 --- a/app/site/_data/DSACMS/open/open_data.json +++ b/app/site/_data/DSACMS/open/open_data.json @@ -1,470 +1,470 @@ { - "url": "https://github.com/DSACMS/open", - "owner": "DSACMS", - "name": "open", - "description": null, - "commits_count": 31, - "issues_count": 41, - "open_issues_count": 25, - "closed_issues_count": 16, - "pull_requests_count": 12, - "open_pull_requests_count": 3, - "merged_pull_requests_count": 8, - "closed_pull_requests_count": 1, - "forks_count": 1, - "stargazers_count": 2, - "watchers_count": 4, - "total_project_lines": 1735, - "average_project_lines": 83, - "total_project_comment_lines": 30, - "average_project_comment_lines": 1, - "total_project_blank_lines": 101, - "average_blank_lines": 5, - "commits_by_month": { - "2024/12": 2, - "2024/8": 9, - "2024/7": 4, - "2024/5": 1, - "2023/8": 3, - "2023/7": 7, - "2023/6": 4 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-13T00:00:00.000Z", - 2 - ], - [ - "2024-08-14T00:00:00.000Z", - 1 - ], - [ - "2024-08-30T00:00:00.000Z", - 1 - ], - [ - "2024-12-06T00:00:00.000Z", - 1 - ] + "url": "https://github.com/DSACMS/open", + "owner": "DSACMS", + "name": "open", + "description": null, + "commits_count": 31, + "issues_count": 41, + "open_issues_count": 25, + "closed_issues_count": 16, + "pull_requests_count": 12, + "open_pull_requests_count": 3, + "merged_pull_requests_count": 8, + "closed_pull_requests_count": 1, + "forks_count": 1, + "stargazers_count": 2, + "watchers_count": 4, + "total_project_lines": 1735, + "average_project_lines": 83, + "total_project_comment_lines": 30, + "average_project_comment_lines": 1, + "total_project_blank_lines": 101, + "average_blank_lines": 5, + "commits_by_month": { + "2024/12": 2, + "2024/8": 9, + "2024/7": 4, + "2024/5": 1, + "2023/8": 3, + "2023/7": 7, + "2023/6": 4 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-13T00:00:00.000Z", + 2 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "project_type": "Website", - "user_input": "No", - "project_fisma_level": "Low", - "group": "CMS/OA/DSAC", - "subset_in_healthcare": "Operational", - "user_type": "Government", - "repository_host": "Github.com", - "maturity_model_tier": "2", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 5843, - "CodeBytes": 0, - "Lines": 181, - "Code": 137, - "Comment": 0, - "Blank": 44, - "Complexity": 0, - "Count": 7, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JavaScript", - "Bytes": 18000, - "CodeBytes": 0, - "Lines": 518, - "Code": 451, - "Comment": 29, - "Blank": 38, - "Complexity": 21, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 52644, - "CodeBytes": 0, - "Lines": 901, - "Code": 901, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "SVG", - "Bytes": 30322, - "CodeBytes": 0, - "Lines": 31, - "Code": 31, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2228, - "CodeBytes": 0, - "Lines": 104, - "Code": 84, - "Comment": 1, - "Blank": 19, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 0, - "CodeBytes": 0, - "Lines": 0, - "Code": 0, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 40460.04074848053, - "estimatedScheduleMonths_low": 4.210142753595686, - "estimatedPeople_low": 0.9362223445985626, - "estimatedCost_high": 126091.15808662542, - "estimatedScheduleMonths_high": 4.210142753595686, - "estimatedPeople_high": 0.9362223445985626, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 7 181 44 0 137 0\n(ULOC) 121\n-------------------------------------------------------------------------------\nJavaScript 6 518 38 29 451 21\n(ULOC) 369\n-------------------------------------------------------------------------------\nJSON 3 901 0 0 901 0\n(ULOC) 303\n-------------------------------------------------------------------------------\nSVG 2 31 0 0 31 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 2 104 19 1 84 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nCSS 1 0 0 0 0 0\n(ULOC) 1\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 21 1735 101 30 1604 21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 863\nDRYness % 0.50\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $44,366\nEstimated Schedule Effort (organic) 4.21 months\nEstimated People Required (organic) 0.94\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 109037 bytes, 0.109 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-06-06T16:35:30Z", - "ossf_scorecard": { - "date": "2025-01-19T13:17:58Z", - "repo": { - "name": "github.com/DSACMS/open", - "commit": "c60ab12a98f1888bdb6abb3af7e798cc2f483195" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.9, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 6, - "reason": "5 out of 8 merged PRs checked by a CI test -- score normalized to 6", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 4, - "reason": "Found 6/14 approved changesets -- score normalized to 4", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 5, - "reason": "2 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 5", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 4, - "reason": "dependency not pinned by hash detected -- score normalized to 4", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 5, - "reason": "SAST tool is not run on all commits -- score normalized to 5", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 9, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 0, - "reason": "17 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + [ + "2024-08-14T00:00:00.000Z", + 1 + ], + [ + "2024-08-30T00:00:00.000Z", + 1 + ], + [ + "2024-12-06T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "project_type": "Website", + "user_input": "No", + "project_fisma_level": "Low", + "group": "CMS/OA/DSAC", + "subset_in_healthcare": "Operational", + "user_type": "Government", + "repository_host": "Github.com", + "maturity_model_tier": "2", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 5843, + "CodeBytes": 0, + "Lines": 181, + "Code": 137, + "Comment": 0, + "Blank": 44, + "Complexity": 0, + "Count": 7, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JavaScript", + "Bytes": 18000, + "CodeBytes": 0, + "Lines": 518, + "Code": 451, + "Comment": 29, + "Blank": 38, + "Complexity": 21, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 52644, + "CodeBytes": 0, + "Lines": 901, + "Code": 901, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "SVG", + "Bytes": 30322, + "CodeBytes": 0, + "Lines": 31, + "Code": 31, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2228, + "CodeBytes": 0, + "Lines": 104, + "Code": 84, + "Comment": 1, + "Blank": 19, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 0, + "CodeBytes": 0, + "Lines": 0, + "Code": 0, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 40460.04074848053, + "estimatedScheduleMonths_low": 4.210142753595686, + "estimatedPeople_low": 0.9362223445985626, + "estimatedCost_high": 126091.15808662542, + "estimatedScheduleMonths_high": 4.210142753595686, + "estimatedPeople_high": 0.9362223445985626, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 7 181 44 0 137 0\n(ULOC) 121\n-------------------------------------------------------------------------------\nJavaScript 6 518 38 29 451 21\n(ULOC) 369\n-------------------------------------------------------------------------------\nJSON 3 901 0 0 901 0\n(ULOC) 303\n-------------------------------------------------------------------------------\nSVG 2 31 0 0 31 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nYAML 2 104 19 1 84 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nCSS 1 0 0 0 0 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 21 1735 101 30 1604 21\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 863\nDRYness % 0.50\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $44,366\nEstimated Schedule Effort (organic) 4.21 months\nEstimated People Required (organic) 0.94\n───────────────────────────────────────────────────────────────────────────────\nProcessed 109037 bytes, 0.109 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-06T16:35:30Z", + "ossf_scorecard": { + "date": "2025-01-19T13:17:58Z", + "repo": { + "name": "github.com/DSACMS/open", + "commit": "c60ab12a98f1888bdb6abb3af7e798cc2f483195" }, - "predominant_langs": { - "JavaScript": 18000, - "Liquid": 16308 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "projectType": "Website", - "userInput": "No", - "fismaLevel": "Low", - "subsetInHealthcare": "Operational", - "userType": "Government", - "repositoryHost": "Github.com", - "maturityModelTier": "2", - "average_issue_resolution_time": [ - [ - "open", - "142 days 33:53:06" - ] + "score": 4.9, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 6, + "reason": "5 out of 8 merged PRs checked by a CI test -- score normalized to 6", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 4, + "reason": "Found 6/14 approved changesets -- score normalized to 4", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 5, + "reason": "2 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 5", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 4, + "reason": "dependency not pinned by hash detected -- score normalized to 4", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 5, + "reason": "SAST tool is not run on all commits -- score normalized to 5", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 9, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 0, + "reason": "17 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "JavaScript": 18000, + "Liquid": 16308 + }, + "projectType": "Website", + "userInput": "No", + "fismaLevel": "Low", + "subsetInHealthcare": "Operational", + "userType": "Government", + "repositoryHost": "Github.com", + "maturityModelTier": "2", + "average_issue_resolution_time": [ + [ + "open", + "142 days 33:53:06" + ] + ], + "repo_dependency_libyear_list": [ + [ + "@11ty/eleventy", + 1.4328767123, + "2025-01-01T23:38:24.000" + ], + [ + "@11ty/eleventy-fetch", + 0.701369863, + "2025-01-01T23:38:24.000" + ], + [ + "@11ty/eleventy-img", + 0.9178082192, + "2025-01-01T23:38:24.000" + ], + [ + "@11ty/eleventy-plugin-vite", + 1.7890410959, + "2025-01-01T23:38:24.000" + ], + [ + "@fullhuman/postcss-purgecss", + 2.1890410959, + "2025-01-01T23:38:24.000" + ], + [ + "@octokit/graphql", + 1.5315068493, + "2025-01-01T23:38:24.000" + ], + [ + "@shopify/prettier-plugin-liquid", + 0.0, + "2025-01-01T23:38:24.000" + ], + [ + "@uswds/uswds", + 0.2054794521, + "2025-01-01T23:38:24.000" + ], + [ + "autoprefixer", + 0.0, + "2025-01-01T23:38:24.000" + ], + [ + "dotenv", + 0.0, + "2025-01-01T23:38:24.000" + ], + [ + "eslint", + 0.2410958904, + "2025-01-01T23:38:24.000" + ], + [ + "eslint-plugin-import", + 0.0, + "2025-01-01T23:38:24.000" + ], + [ + "markdown-it", + 0.4767123288, + "2025-01-01T23:38:24.000" + ], + [ + "markdown-it-link-attributes", + 0.0, + "2025-01-01T23:38:24.000" + ], + [ + "npm-run-all", + 0.0, + "2025-01-01T23:38:24.000" + ], + [ + "prettier", + 1.6164383562, + "2025-01-01T23:38:24.000" + ], + [ + "prettier-eslint", + 1.6520547945, + "2025-01-01T23:38:24.000" ], - "repo_dependency_libyear_list": [ - [ - "@11ty/eleventy", - 1.4328767123, - "2025-01-01T23:38:24.000" - ], - [ - "@11ty/eleventy-fetch", - 0.701369863, - "2025-01-01T23:38:24.000" - ], - [ - "@11ty/eleventy-img", - 0.9178082192, - "2025-01-01T23:38:24.000" - ], - [ - "@11ty/eleventy-plugin-vite", - 1.7890410959, - "2025-01-01T23:38:24.000" - ], - [ - "@fullhuman/postcss-purgecss", - 2.1890410959, - "2025-01-01T23:38:24.000" - ], - [ - "@octokit/graphql", - 1.5315068493, - "2025-01-01T23:38:24.000" - ], - [ - "@shopify/prettier-plugin-liquid", - 0.0, - "2025-01-01T23:38:24.000" - ], - [ - "@uswds/uswds", - 0.2054794521, - "2025-01-01T23:38:24.000" - ], - [ - "autoprefixer", - 0.0, - "2025-01-01T23:38:24.000" - ], - [ - "dotenv", - 0.0, - "2025-01-01T23:38:24.000" - ], - [ - "eslint", - 0.2410958904, - "2025-01-01T23:38:24.000" - ], - [ - "eslint-plugin-import", - 0.0, - "2025-01-01T23:38:24.000" - ], - [ - "markdown-it", - 0.4767123288, - "2025-01-01T23:38:24.000" - ], - [ - "markdown-it-link-attributes", - 0.0, - "2025-01-01T23:38:24.000" - ], - [ - "npm-run-all", - 0.0, - "2025-01-01T23:38:24.000" - ], - [ - "prettier", - 1.6164383562, - "2025-01-01T23:38:24.000" - ], - [ - "prettier-eslint", - 1.6520547945, - "2025-01-01T23:38:24.000" - ], - [ - "purgecss-from-html", - 0.0, - "2025-01-01T23:38:24.000" - ] + [ + "purgecss-from-html", + 0.0, + "2025-01-01T23:38:24.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/DSACMS/opportunities/opportunities_data.json b/app/site/_data/DSACMS/opportunities/opportunities_data.json index 08380d0ca6..465a3165fe 100644 --- a/app/site/_data/DSACMS/opportunities/opportunities_data.json +++ b/app/site/_data/DSACMS/opportunities/opportunities_data.json @@ -1,292 +1,292 @@ { - "url": "https://github.com/DSACMS/opportunities", - "owner": "DSACMS", - "name": "opportunities", - "description": "Resource for Public Service Internship and Fellowship Opportunities", - "commits_count": 40, - "issues_count": 4, - "open_issues_count": 4, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 2, - "total_project_lines": 222, - "average_project_lines": 37, - "total_project_comment_lines": 4, - "average_project_comment_lines": 1, - "total_project_blank_lines": 56, - "average_blank_lines": 9, - "commits_by_month": { - "2023/8": 16, - "2023/7": 14 + "url": "https://github.com/DSACMS/opportunities", + "owner": "DSACMS", + "name": "opportunities", + "description": "Resource for Public Service Internship and Fellowship Opportunities", + "commits_count": 40, + "issues_count": 4, + "open_issues_count": 4, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 2, + "total_project_lines": 222, + "average_project_lines": 37, + "total_project_comment_lines": 4, + "average_project_comment_lines": 1, + "total_project_blank_lines": 56, + "average_blank_lines": 9, + "commits_by_month": { + "2023/8": 16, + "2023/7": 14 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 6033, + "CodeBytes": 0, + "Lines": 107, + "Code": 69, + "Comment": 0, + "Blank": 38, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSS", + "Bytes": 1719, + "CodeBytes": 0, + "Lines": 83, + "Code": 70, + "Comment": 3, + "Blank": 10, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "HTML", + "Bytes": 1846, + "CodeBytes": 0, + "Lines": 32, + "Code": 23, + "Comment": 1, + "Blank": 8, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 3643.7829465672103, + "estimatedScheduleMonths_low": 1.6866181569439265, + "estimatedPeople_low": 0.2104675936545201, + "estimatedCost_high": 11355.619100957294, + "estimatedScheduleMonths_high": 1.6866181569439265, + "estimatedPeople_high": 0.2104675936545201, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 4 107 38 0 69 0\n(ULOC) 70\n-------------------------------------------------------------------------------\nCSS 1 83 10 3 70 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nHTML 1 32 8 1 23 0\n(ULOC) 22\n───────────────────────────────────────────────────────────────────────────────\nTotal 6 222 56 4 162 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 152\nDRYness % 0.68\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,995\nEstimated Schedule Effort (organic) 1.69 months\nEstimated People Required (organic) 0.21\n───────────────────────────────────────────────────────────────────────────────\nProcessed 9598 bytes, 0.010 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-06-29T15:55:54Z", + "ossf_scorecard": { + "date": "2025-01-19T13:18:49Z", + "repo": { + "name": "github.com/DSACMS/opportunities", + "commit": "9fc14ff61eac943699c5ed4b7328e9cb52e0a8bd" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 6033, - "CodeBytes": 0, - "Lines": 107, - "Code": 69, - "Comment": 0, - "Blank": 38, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSS", - "Bytes": 1719, - "CodeBytes": 0, - "Lines": 83, - "Code": 70, - "Comment": 3, - "Blank": 10, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "HTML", - "Bytes": 1846, - "CodeBytes": 0, - "Lines": 32, - "Code": 23, - "Comment": 1, - "Blank": 8, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 3643.7829465672103, - "estimatedScheduleMonths_low": 1.6866181569439265, - "estimatedPeople_low": 0.2104675936545201, - "estimatedCost_high": 11355.619100957294, - "estimatedScheduleMonths_high": 1.6866181569439265, - "estimatedPeople_high": 0.2104675936545201, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 4 107 38 0 69 0\n(ULOC) 70\n-------------------------------------------------------------------------------\nCSS 1 83 10 3 70 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nHTML 1 32 8 1 23 0\n(ULOC) 22\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 6 222 56 4 162 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 152\nDRYness % 0.68\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $3,995\nEstimated Schedule Effort (organic) 1.69 months\nEstimated People Required (organic) 0.21\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 9598 bytes, 0.010 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-06-29T15:55:54Z", - "ossf_scorecard": { - "date": "2025-01-19T13:18:49Z", - "repo": { - "name": "github.com/DSACMS/opportunities", - "commit": "9fc14ff61eac943699c5ed4b7328e9cb52e0a8bd" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.7, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/30 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 3 contributing companies or organizations -- score normalized to 10", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "HTML": 1846, - "CSS": 1719 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.7, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/30 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 3 contributing companies or organizations -- score normalized to 10", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "HTML": 1846, + "CSS": 1719 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/ospo-guide/ospo-guide_data.json b/app/site/_data/DSACMS/ospo-guide/ospo-guide_data.json index 25518ee70b..a601ff380f 100644 --- a/app/site/_data/DSACMS/ospo-guide/ospo-guide_data.json +++ b/app/site/_data/DSACMS/ospo-guide/ospo-guide_data.json @@ -1,329 +1,329 @@ { - "url": "https://github.com/DSACMS/ospo-guide", - "owner": "DSACMS", - "name": "ospo-guide", - "description": "Open Source Program Office Guide for CMS.gov", - "commits_count": 138, - "issues_count": 14, - "open_issues_count": 10, - "closed_issues_count": 4, - "pull_requests_count": 27, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 27, - "closed_pull_requests_count": 0, - "forks_count": 1, - "stargazers_count": 7, - "watchers_count": 1, - "created_at": "2024-04-03T20:47:21Z", - "predominant_langs": {}, - "commits_by_month": { - "2025/1": 11, - "2024/11": 13, - "2024/10": 5, - "2024/9": 1 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 110193, - "CodeBytes": 0, - "Lines": 1557, - "Code": 1061, - "Comment": 0, - "Blank": 496, - "Complexity": 0, - "Count": 30, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7048, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 282, - "CodeBytes": 0, - "Lines": 13, - "Code": 13, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 29389.738070663057, - "estimatedScheduleMonths_low": 3.7285604934660133, - "estimatedPeople_low": 0.7678988725419891, - "estimatedCost_high": 91591.2599354379, - "estimatedScheduleMonths_high": 3.7285604934660133, - "estimatedPeople_high": 0.7678988725419891, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 30 1557 496 0 1061 0\n(ULOC) 1016\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 13 0 0 13 0\n(ULOC) 13\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 32 1691 508 0 1183 0\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 1126\nDRYness % 0.67\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $32,227\nEstimated Schedule Effort (organic) 3.73 months\nEstimated People Required (organic) 0.77\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 117523 bytes, 0.118 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/ospo-guide", + "owner": "DSACMS", + "name": "ospo-guide", + "description": "Open Source Program Office Guide for CMS.gov", + "commits_count": 138, + "issues_count": 14, + "open_issues_count": 10, + "closed_issues_count": 4, + "pull_requests_count": 27, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 27, + "closed_pull_requests_count": 0, + "forks_count": 1, + "stargazers_count": 7, + "watchers_count": 1, + "created_at": "2024-04-03T20:47:21Z", + "predominant_langs": {}, + "commits_by_month": { + "2025/1": 11, + "2024/11": 13, + "2024/10": 5, + "2024/9": 1 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 115383, + "CodeBytes": 0, + "Lines": 1707, + "Code": 1177, + "Comment": 0, + "Blank": 530, + "Complexity": 0, + "Count": 31, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7048, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 282, + "CodeBytes": 0, + "Lines": 13, + "Code": 13, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 32422.86158738836, + "estimatedScheduleMonths_low": 3.8703508134607354, + "estimatedPeople_low": 0.8161134184488675, + "estimatedCost_high": 101043.79754461058, + "estimatedScheduleMonths_high": 3.8703508134607354, + "estimatedPeople_high": 0.8161134184488675, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 31 1707 530 0 1177 0\n(ULOC) 1114\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 13 0 0 13 0\n(ULOC) 13\n───────────────────────────────────────────────────────────────────────────────\nTotal 33 1841 542 0 1299 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1224\nDRYness % 0.66\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $35,553\nEstimated Schedule Effort (organic) 3.87 months\nEstimated People Required (organic) 0.82\n───────────────────────────────────────────────────────────────────────────────\nProcessed 122713 bytes, 0.123 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:19:12Z", + "repo": { + "name": "github.com/DSACMS/ospo-guide", + "commit": "20ef1ad7f04dbbace9f1110027aa2f045de76b00" }, - "ossf_scorecard": { - "date": "2025-01-19T13:19:12Z", - "repo": { - "name": "github.com/DSACMS/ospo-guide", - "commit": "20ef1ad7f04dbbace9f1110027aa2f045de76b00" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 5.1, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 0, - "reason": "0 out of 10 merged PRs checked by a CI test -- score normalized to 0", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 6, - "reason": "Found 8/12 approved changesets -- score normalized to 6", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 4 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "24 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 1362, - "average_project_lines": 44, - "total_project_comment_lines": 0, - "average_project_comment_lines": 0, - "total_project_blank_lines": 402, - "average_blank_lines": 13, - "average_issue_resolution_time": [], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-14T00:00:00.000Z", - 1 - ], - [ - "2024-08-15T00:00:00.000Z", - 1 - ], - [ - "2024-09-26T00:00:00.000Z", - 1 - ], - [ - "2024-10-31T00:00:00.000Z", - 3 - ], - [ - "2024-11-01T00:00:00.000Z", - 1 - ] + "score": 5.1, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 0, + "reason": "0 out of 10 merged PRs checked by a CI test -- score normalized to 0", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 6, + "reason": "Found 8/12 approved changesets -- score normalized to 6", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 4 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "24 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "total_project_lines": 1362, + "average_project_lines": 44, + "total_project_comment_lines": 0, + "average_project_comment_lines": 0, + "total_project_blank_lines": 402, + "average_blank_lines": 13, + "average_issue_resolution_time": [], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-14T00:00:00.000Z", + 1 + ], + [ + "2024-08-15T00:00:00.000Z", + 1 + ], + [ + "2024-09-26T00:00:00.000Z", + 1 + ], + [ + "2024-10-31T00:00:00.000Z", + 3 + ], + [ + "2024-11-01T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [ + [ + "2024-08-15T00:00:00.000Z", + 1 + ], + [ + "2024-08-20T00:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [ - [ - "2024-08-15T00:00:00.000Z", - 1 - ], - [ - "2024-08-20T00:00:00.000Z", - 1 - ], - [ - "2024-08-21T00:00:00.000Z", - 1 - ], - [ - "2024-09-20T00:00:00.000Z", - 1 - ] + [ + "2024-08-21T00:00:00.000Z", + 1 ], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "repo_dependency_libyear_list": [] -} \ No newline at end of file + [ + "2024-09-20T00:00:00.000Z", + 1 + ] + ], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/oss-community-runbook/oss-community-runbook_data.json b/app/site/_data/DSACMS/oss-community-runbook/oss-community-runbook_data.json index fe0680eaf9..e5ef60de94 100644 --- a/app/site/_data/DSACMS/oss-community-runbook/oss-community-runbook_data.json +++ b/app/site/_data/DSACMS/oss-community-runbook/oss-community-runbook_data.json @@ -1,290 +1,290 @@ { - "url": "https://github.com/DSACMS/oss-community-runbook", - "owner": "DSACMS", - "name": "oss-community-runbook", - "description": "Runbook for helping to stand-up Open Source Communities", - "commits_count": 1, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 2, - "watchers_count": 2, - "total_project_lines": 939, - "average_project_lines": 85, - "total_project_comment_lines": 7, - "average_project_comment_lines": 1, - "total_project_blank_lines": 198, - "average_blank_lines": 18, - "commits_by_month": { - "2023/7": 1 + "url": "https://github.com/DSACMS/oss-community-runbook", + "owner": "DSACMS", + "name": "oss-community-runbook", + "description": "Runbook for helping to stand-up Open Source Communities", + "commits_count": 1, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 2, + "watchers_count": 2, + "total_project_lines": 939, + "average_project_lines": 85, + "total_project_comment_lines": 7, + "average_project_comment_lines": 1, + "total_project_blank_lines": 198, + "average_blank_lines": 18, + "commits_by_month": { + "2023/7": 1 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 18268, + "CodeBytes": 0, + "Lines": 554, + "Code": 359, + "Comment": 0, + "Blank": 195, + "Complexity": 0, + "Count": 9, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 7883, + "CodeBytes": 0, + "Lines": 367, + "Code": 367, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 503, + "CodeBytes": 0, + "Lines": 18, + "Code": 8, + "Comment": 7, + "Blank": 3, + "Complexity": 3, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 17805.02536033528, + "estimatedScheduleMonths_low": 3.0820026544477104, + "estimatedPeople_low": 0.5628064891427087, + "estimatedCost_high": 55488.23545193101, + "estimatedScheduleMonths_high": 3.0820026544477104, + "estimatedPeople_high": 0.5628064891427087, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 9 554 195 0 359 0\n(ULOC) 293\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nShell 1 18 3 7 8 3\n(ULOC) 15\n───────────────────────────────────────────────────────────────────────────────\nTotal 11 939 198 7 734 3\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 440\nDRYness % 0.47\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $19,524\nEstimated Schedule Effort (organic) 3.08 months\nEstimated People Required (organic) 0.56\n───────────────────────────────────────────────────────────────────────────────\nProcessed 26654 bytes, 0.027 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-07-20T20:34:00Z", + "ossf_scorecard": { + "date": "2025-01-19T13:19:21Z", + "repo": { + "name": "github.com/DSACMS/oss-community-runbook", + "commit": "c4a8f78466aa0a118409a884344357931c55d6c3" }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 18268, - "CodeBytes": 0, - "Lines": 554, - "Code": 359, - "Comment": 0, - "Blank": 195, - "Complexity": 0, - "Count": 9, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 7883, - "CodeBytes": 0, - "Lines": 367, - "Code": 367, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 503, - "CodeBytes": 0, - "Lines": 18, - "Code": 8, - "Comment": 7, - "Blank": 3, - "Complexity": 3, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 17805.02536033528, - "estimatedScheduleMonths_low": 3.0820026544477104, - "estimatedPeople_low": 0.5628064891427087, - "estimatedCost_high": 55488.23545193101, - "estimatedScheduleMonths_high": 3.0820026544477104, - "estimatedPeople_high": 0.5628064891427087, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 9 554 195 0 359 0\n(ULOC) 293\n-------------------------------------------------------------------------------\nJSON 1 367 0 0 367 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nShell 1 18 3 7 8 3\n(ULOC) 15\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 11 939 198 7 734 3\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 440\nDRYness % 0.47\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $19,524\nEstimated Schedule Effort (organic) 3.08 months\nEstimated People Required (organic) 0.56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 26654 bytes, 0.027 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "created_at": "2023-07-20T20:34:00Z", - "ossf_scorecard": { - "date": "2025-01-19T13:19:21Z", - "repo": { - "name": "github.com/DSACMS/oss-community-runbook", - "commit": "c4a8f78466aa0a118409a884344357931c55d6c3" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.3, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/1 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": -1, - "reason": "no workflows found", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 9, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": -1, - "reason": "no dependencies found", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": -1, - "reason": "No tokens found", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null - }, - "predominant_langs": { - "Shell": 503 - }, - "average_issue_resolution_time": [], - "repo_dependency_libyear_list": [] -} \ No newline at end of file + "score": 3.3, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/1 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": -1, + "reason": "no workflows found", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 9, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": -1, + "reason": "no dependencies found", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": -1, + "reason": "No tokens found", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "predominant_langs": { + "Shell": 503 + }, + "average_issue_resolution_time": [], + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/repo-scaffolder/repo-scaffolder_data.json b/app/site/_data/DSACMS/repo-scaffolder/repo-scaffolder_data.json index 586e180280..5e0cbca300 100644 --- a/app/site/_data/DSACMS/repo-scaffolder/repo-scaffolder_data.json +++ b/app/site/_data/DSACMS/repo-scaffolder/repo-scaffolder_data.json @@ -1,418 +1,418 @@ { - "url": "https://github.com/DSACMS/repo-scaffolder", - "owner": "DSACMS", - "name": "repo-scaffolder", - "description": "Templates and commandline tools for creating repositories for US Federal open source projects ", - "commits_count": 717, - "issues_count": 59, - "open_issues_count": 33, - "closed_issues_count": 26, - "pull_requests_count": 174, - "open_pull_requests_count": 2, - "merged_pull_requests_count": 144, - "closed_pull_requests_count": 28, - "forks_count": 10, - "stargazers_count": 26, - "watchers_count": 2, - "total_project_lines": 9881, - "average_project_lines": 93, - "total_project_comment_lines": 242, - "average_project_comment_lines": 2, - "total_project_blank_lines": 2268, - "average_blank_lines": 21, - "commits_by_month": { - "2025/1": 28, - "2024/12": 2 - }, - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-13T00:00:00.000Z", - 1 - ], - [ - "2024-08-14T00:00:00.000Z", - 1 - ], - [ - "2024-08-15T00:00:00.000Z", - 1 - ], - [ - "2024-08-28T00:00:00.000Z", - 1 - ], - [ - "2024-09-16T00:00:00.000Z", - 1 - ], - [ - "2024-09-23T00:00:00.000Z", - 1 - ], - [ - "2024-09-26T00:00:00.000Z", - 1 - ], - [ - "2024-10-02T00:00:00.000Z", - 1 - ], - [ - "2024-10-16T00:00:00.000Z", - 1 - ], - [ - "2024-10-21T00:00:00.000Z", - 1 - ] + "url": "https://github.com/DSACMS/repo-scaffolder", + "owner": "DSACMS", + "name": "repo-scaffolder", + "description": "Templates and commandline tools for creating repositories for US Federal open source projects ", + "commits_count": 717, + "issues_count": 59, + "open_issues_count": 33, + "closed_issues_count": 26, + "pull_requests_count": 174, + "open_pull_requests_count": 2, + "merged_pull_requests_count": 144, + "closed_pull_requests_count": 28, + "forks_count": 10, + "stargazers_count": 26, + "watchers_count": 2, + "total_project_lines": 9881, + "average_project_lines": 93, + "total_project_comment_lines": 242, + "average_project_comment_lines": 2, + "total_project_blank_lines": 2268, + "average_blank_lines": 21, + "commits_by_month": { + "2025/1": 28, + "2024/12": 2 + }, + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-13T00:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", - "nadia_color": "ff0000", - "nadia_badge_name": "midsize", - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 334119, - "CodeBytes": 0, - "Lines": 5836, - "Code": 3910, - "Comment": 0, - "Blank": 1926, - "Complexity": 0, - "Count": 48, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 37990, - "CodeBytes": 0, - "Lines": 1181, - "Code": 930, - "Comment": 139, - "Blank": 112, - "Complexity": 0, - "Count": 26, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 83194, - "CodeBytes": 0, - "Lines": 1544, - "Code": 1543, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 19, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 31459, - "CodeBytes": 0, - "Lines": 953, - "Code": 643, - "Comment": 92, - "Blank": 218, - "Complexity": 136, - "Count": 10, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 42283, - "CodeBytes": 0, - "Lines": 726, - "Code": 654, - "Comment": 0, - "Blank": 72, - "Complexity": 0, - "Count": 6, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 1004, - "CodeBytes": 0, - "Lines": 44, - "Code": 33, - "Comment": 3, - "Blank": 8, - "Complexity": 5, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 20, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 210477.34165351867, - "estimatedScheduleMonths_low": 7.878523861675102, - "estimatedPeople_low": 2.602615448156702, - "estimatedCost_high": 655939.3235678631, - "estimatedScheduleMonths_high": 7.878523861675102, - "estimatedPeople_high": 2.602615448156702, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 48 5836 1926 0 3910 0\n(ULOC) 1373\n-------------------------------------------------------------------------------\nYAML 26 1181 112 139 930 0\n(ULOC) 409\n-------------------------------------------------------------------------------\nJSON 19 1544 1 0 1543 0\n(ULOC) 377\n-------------------------------------------------------------------------------\nPython 10 953 218 92 643 136\n(ULOC) 239\n-------------------------------------------------------------------------------\nLicense 6 726 72 0 654 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 3 44 8 3 33 5\n(ULOC) 33\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 2\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 113 10285 2337 234 7714 141\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 2520\nDRYness % 0.25\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $230,801\nEstimated Schedule Effort (organic) 7.88 months\nEstimated People Required (organic) 2.60\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 530069 bytes, 0.530 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" - }, - "created_at": "2023-10-05T18:06:51Z", - "project_type": "Tools", - "user_input": "No", - "project_fisma_level": "Low", - "group": "CMS/OA/DSAC", - "subset_in_healthcare": "Operational", - "user_type": "Government", - "repository_host": "Github.com", - "maturity_model_tier": "3", - "ossf_scorecard": { - "date": "2025-01-19T13:18:32Z", - "repo": { - "name": "github.com/DSACMS/repo-scaffolder", - "commit": "6a5b72f10d4beb57b70833aabe268c5dc138afec" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 6.5, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 4, - "reason": "branch protection is not maximal on development and all release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "10 out of 10 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 9, - "reason": "Found 9/10 approved changesets -- score normalized to 9", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 10, - "reason": "project has 13 contributing companies or organizations", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 10, - "reason": "30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 10, - "reason": "SAST tool is run on all commits", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + [ + "2024-08-14T00:00:00.000Z", + 1 + ], + [ + "2024-08-15T00:00:00.000Z", + 1 + ], + [ + "2024-08-28T00:00:00.000Z", + 1 + ], + [ + "2024-09-16T00:00:00.000Z", + 1 + ], + [ + "2024-09-23T00:00:00.000Z", + 1 + ], + [ + "2024-09-26T00:00:00.000Z", + 1 + ], + [ + "2024-10-02T00:00:00.000Z", + 1 + ], + [ + "2024-10-16T00:00:00.000Z", + 1 + ], + [ + "2024-10-21T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=midsize&color=ff0000", + "nadia_color": "ff0000", + "nadia_badge_name": "midsize", + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 356433, + "CodeBytes": 0, + "Lines": 6153, + "Code": 4106, + "Comment": 0, + "Blank": 2047, + "Complexity": 0, + "Count": 53, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 37990, + "CodeBytes": 0, + "Lines": 1181, + "Code": 930, + "Comment": 139, + "Blank": 112, + "Complexity": 0, + "Count": 26, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 83194, + "CodeBytes": 0, + "Lines": 1544, + "Code": 1543, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 19, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 31459, + "CodeBytes": 0, + "Lines": 953, + "Code": 643, + "Comment": 92, + "Blank": 218, + "Complexity": 136, + "Count": 10, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 42283, + "CodeBytes": 0, + "Lines": 726, + "Code": 654, + "Comment": 0, + "Blank": 72, + "Complexity": 0, + "Count": 6, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 1004, + "CodeBytes": 0, + "Lines": 44, + "Code": 33, + "Comment": 3, + "Blank": 8, + "Complexity": 5, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 20, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 216096.15589790838, + "estimatedScheduleMonths_low": 7.9577940893658, + "estimatedPeople_low": 2.645476158495582, + "estimatedCost_high": 673450.0027971057, + "estimatedScheduleMonths_high": 7.9577940893658, + "estimatedPeople_high": 2.645476158495582, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 53 6153 2047 0 4106 0\n(ULOC) 1479\n-------------------------------------------------------------------------------\nYAML 26 1181 112 139 930 0\n(ULOC) 409\n-------------------------------------------------------------------------------\nJSON 19 1544 1 0 1543 0\n(ULOC) 377\n-------------------------------------------------------------------------------\nPython 10 953 218 92 643 136\n(ULOC) 239\n-------------------------------------------------------------------------------\nLicense 6 726 72 0 654 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 3 44 8 3 33 5\n(ULOC) 33\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 118 10602 2458 234 7910 141\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2626\nDRYness % 0.25\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $236,963\nEstimated Schedule Effort (organic) 7.96 months\nEstimated People Required (organic) 2.65\n───────────────────────────────────────────────────────────────────────────────\nProcessed 552383 bytes, 0.552 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "created_at": "2023-10-05T18:06:51Z", + "project_type": "Tools", + "user_input": "No", + "project_fisma_level": "Low", + "group": "CMS/OA/DSAC", + "subset_in_healthcare": "Operational", + "user_type": "Government", + "repository_host": "Github.com", + "maturity_model_tier": "3", + "ossf_scorecard": { + "date": "2025-01-19T13:18:32Z", + "repo": { + "name": "github.com/DSACMS/repo-scaffolder", + "commit": "6a5b72f10d4beb57b70833aabe268c5dc138afec" }, - "predominant_langs": { - "Python": 12175 + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "projectType": "Tools", - "userInput": "No", - "fismaLevel": "Low", - "subsetInHealthcare": "Operational", - "userType": "Government", - "repositoryHost": "Github.com", - "maturityModelTier": "3", - "average_issue_resolution_time": [ - [ - "repo-scaffolder", - "86 days 27:44:21.777778" - ] + "score": 6.5, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 4, + "reason": "branch protection is not maximal on development and all release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "10 out of 10 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 9, + "reason": "Found 9/10 approved changesets -- score normalized to 9", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 10, + "reason": "project has 13 contributing companies or organizations", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 10, + "reason": "30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 10, + "reason": "SAST tool is run on all commits", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } ], - "repo_dependency_libyear_list": [ - [ - "cookiecutter", - 0.397260274, - "2025-01-01T23:38:33.000" - ] + "metadata": null + }, + "predominant_langs": { + "Python": 12175 + }, + "projectType": "Tools", + "userInput": "No", + "fismaLevel": "Low", + "subsetInHealthcare": "Operational", + "userType": "Government", + "repositoryHost": "Github.com", + "maturityModelTier": "3", + "average_issue_resolution_time": [ + [ + "repo-scaffolder", + "86 days 27:44:21.777778" + ] + ], + "repo_dependency_libyear_list": [ + [ + "cookiecutter", + 0.397260274, + "2025-01-01T23:38:33.000" ] -} \ No newline at end of file + ] +} diff --git a/app/site/_data/DSACMS/repodive-tools/repodive-tools_data.json b/app/site/_data/DSACMS/repodive-tools/repodive-tools_data.json index 23356efe62..493a289af3 100644 --- a/app/site/_data/DSACMS/repodive-tools/repodive-tools_data.json +++ b/app/site/_data/DSACMS/repodive-tools/repodive-tools_data.json @@ -1,363 +1,363 @@ { - "url": "https://github.com/DSACMS/repodive-tools", - "owner": "DSACMS", - "name": "repodive-tools", - "description": "Scripts and tools to gather information about git repositories.", - "commits_count": 24, - "issues_count": 1, - "open_issues_count": 1, - "closed_issues_count": 0, - "pull_requests_count": 7, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 3, - "closed_pull_requests_count": 4, - "forks_count": 0, - "stargazers_count": 1, - "watchers_count": 0, - "created_at": "2024-07-30T16:54:18Z", - "predominant_langs": { - "Shell": 4671, - "Python": 1523 - }, - "userInput": "Yes", - "fismaLevel": "Low", - "group": "DSAC", - "subsetInHealthcare": "Operational", - "userType": "Government", - "repositoryHost": "Github.com", - "maturityModelTier": "1", - "commits_by_month": { - "2024/12": 3, - "2024/10": 5, - "2024/8": 4, - "2024/7": 12 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 38551, - "CodeBytes": 0, - "Lines": 658, - "Code": 414, - "Comment": 0, - "Blank": 244, - "Complexity": 0, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Shell", - "Bytes": 4671, - "CodeBytes": 0, - "Lines": 166, - "Code": 100, - "Comment": 34, - "Blank": 32, - "Complexity": 23, - "Count": 4, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 50621, - "CodeBytes": 0, - "Lines": 882, - "Code": 882, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 1523, - "CodeBytes": 0, - "Lines": 67, - "Code": 44, - "Comment": 3, - "Blank": 20, - "Complexity": 11, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2921, - "CodeBytes": 0, - "Lines": 82, - "Code": 45, - "Comment": 26, - "Blank": 11, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7047, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 40195.225235687954, - "estimatedScheduleMonths_low": 4.1996502064208, - "estimatedPeople_low": 0.9324184439172437, - "estimatedCost_high": 125265.87728933475, - "estimatedScheduleMonths_high": 4.1996502064208, - "estimatedPeople_high": 0.9324184439172437, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 4 658 244 0 414 0\n(ULOC) 371\n-------------------------------------------------------------------------------\nShell 4 166 32 34 100 23\n(ULOC) 97\n-------------------------------------------------------------------------------\nJSON 2 882 0 0 882 0\n(ULOC) 282\n-------------------------------------------------------------------------------\nPython 2 67 20 3 44 11\n(ULOC) 38\n-------------------------------------------------------------------------------\nYAML 2 82 11 26 45 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 15 1976 319 63 1594 34\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 958\nDRYness % 0.48\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $44,076\nEstimated Schedule Effort (organic) 4.20 months\nEstimated People Required (organic) 0.93\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 105334 bytes, 0.105 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/repodive-tools", + "owner": "DSACMS", + "name": "repodive-tools", + "description": "Scripts and tools to gather information about git repositories.", + "commits_count": 24, + "issues_count": 1, + "open_issues_count": 1, + "closed_issues_count": 0, + "pull_requests_count": 7, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 3, + "closed_pull_requests_count": 4, + "forks_count": 0, + "stargazers_count": 1, + "watchers_count": 0, + "created_at": "2024-07-30T16:54:18Z", + "predominant_langs": { + "Shell": 4671, + "Python": 1523 + }, + "userInput": "Yes", + "fismaLevel": "Low", + "group": "DSAC", + "subsetInHealthcare": "Operational", + "userType": "Government", + "repositoryHost": "Github.com", + "maturityModelTier": "1", + "commits_by_month": { + "2024/12": 3, + "2024/10": 5, + "2024/8": 4, + "2024/7": 12 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 38551, + "CodeBytes": 0, + "Lines": 658, + "Code": 414, + "Comment": 0, + "Blank": 244, + "Complexity": 0, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Shell", + "Bytes": 4671, + "CodeBytes": 0, + "Lines": 166, + "Code": 100, + "Comment": 34, + "Blank": 32, + "Complexity": 23, + "Count": 4, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 50621, + "CodeBytes": 0, + "Lines": 882, + "Code": 882, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 1523, + "CodeBytes": 0, + "Lines": 67, + "Code": 44, + "Comment": 3, + "Blank": 20, + "Complexity": 11, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2921, + "CodeBytes": 0, + "Lines": 82, + "Code": 45, + "Comment": 26, + "Blank": 11, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7047, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 40195.225235687954, + "estimatedScheduleMonths_low": 4.1996502064208, + "estimatedPeople_low": 0.9324184439172437, + "estimatedCost_high": 125265.87728933475, + "estimatedScheduleMonths_high": 4.1996502064208, + "estimatedPeople_high": 0.9324184439172437, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 4 658 244 0 414 0\n(ULOC) 371\n-------------------------------------------------------------------------------\nShell 4 166 32 34 100 23\n(ULOC) 97\n-------------------------------------------------------------------------------\nJSON 2 882 0 0 882 0\n(ULOC) 282\n-------------------------------------------------------------------------------\nPython 2 67 20 3 44 11\n(ULOC) 38\n-------------------------------------------------------------------------------\nYAML 2 82 11 26 45 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 1976 319 63 1594 34\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 958\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $44,076\nEstimated Schedule Effort (organic) 4.20 months\nEstimated People Required (organic) 0.93\n───────────────────────────────────────────────────────────────────────────────\nProcessed 105334 bytes, 0.105 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:19:06Z", + "repo": { + "name": "github.com/DSACMS/repodive-tools", + "commit": "0b5b1d4caebfa9270eab8178b6f05b0976a50997" }, - "ossf_scorecard": { - "date": "2025-01-19T13:19:06Z", - "repo": { - "name": "github.com/DSACMS/repodive-tools", - "commit": "0b5b1d4caebfa9270eab8178b6f05b0976a50997" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 4.4, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": 10, - "reason": "3 out of 3 merged PRs checked by a CI test -- score normalized to 10", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 1/13 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 3, - "reason": "project has 1 contributing companies or organizations -- score normalized to 3", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 6, - "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "SAST tool is not run on all commits -- score normalized to 0", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 1976, - "average_project_lines": 132, - "total_project_comment_lines": 63, - "average_project_comment_lines": 4, - "total_project_blank_lines": 319, - "average_blank_lines": 21, - "average_issue_resolution_time": [], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-14T00:00:00.000Z", - 1 - ], - [ - "2024-10-24T00:00:00.000Z", - 1 - ], - [ - "2024-10-25T00:00:00.000Z", - 1 - ], - [ - "2024-10-30T00:00:00.000Z", - 1 - ] + "score": 4.4, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": 10, + "reason": "3 out of 3 merged PRs checked by a CI test -- score normalized to 10", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 1/13 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 3, + "reason": "project has 1 contributing companies or organizations -- score normalized to 3", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 6, + "reason": "8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "SAST tool is not run on all commits -- score normalized to 0", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "total_project_lines": 1976, + "average_project_lines": 132, + "total_project_comment_lines": 63, + "average_project_comment_lines": 4, + "total_project_blank_lines": 319, + "average_blank_lines": 21, + "average_issue_resolution_time": [], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-14T00:00:00.000Z", + 1 + ], + [ + "2024-10-24T00:00:00.000Z", + 1 + ], + [ + "2024-10-25T00:00:00.000Z", + 1 ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "repo_dependency_libyear_list": [] -} \ No newline at end of file + [ + "2024-10-30T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "repo_dependency_libyear_list": [] +} diff --git a/app/site/_data/DSACMS/reverse-scorecard-generation/reverse-scorecard-generation_data.json b/app/site/_data/DSACMS/reverse-scorecard-generation/reverse-scorecard-generation_data.json index 7f200098b3..531faccc78 100644 --- a/app/site/_data/DSACMS/reverse-scorecard-generation/reverse-scorecard-generation_data.json +++ b/app/site/_data/DSACMS/reverse-scorecard-generation/reverse-scorecard-generation_data.json @@ -1,367 +1,367 @@ { - "url": "https://github.com/DSACMS/reverse-scorecard-generation", - "owner": "DSACMS", - "name": "reverse-scorecard-generation", - "description": "Combine column-major HHS Zero Trust Scorecard Excel spreadsheets into a row-major CSV file.", - "commits_count": 4, - "issues_count": 0, - "open_issues_count": 0, - "closed_issues_count": 0, - "pull_requests_count": 0, - "open_pull_requests_count": 0, - "merged_pull_requests_count": 0, - "closed_pull_requests_count": 0, - "forks_count": 0, - "stargazers_count": 0, - "watchers_count": 1, - "created_at": "2024-08-01T03:10:28Z", - "predominant_langs": { - "Python": 3086 - }, - "group": "CMS/OA/DSAC", - "commits_by_month": { - "2024/8": 4 - }, - "cocomo": { - "languageSummary": [ - { - "Name": "Markdown", - "Bytes": 13344, - "CodeBytes": 0, - "Lines": 282, - "Code": 190, - "Comment": 0, - "Blank": 92, - "Complexity": 0, - "Count": 3, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "JSON", - "Bytes": 20845, - "CodeBytes": 0, - "Lines": 825, - "Code": 825, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 2, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "CSV", - "Bytes": 2360, - "CodeBytes": 0, - "Lines": 1, - "Code": 1, - "Comment": 0, - "Blank": 0, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "License", - "Bytes": 7047, - "CodeBytes": 0, - "Lines": 121, - "Code": 109, - "Comment": 0, - "Blank": 12, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Plain Text", - "Bytes": 81, - "CodeBytes": 0, - "Lines": 3, - "Code": 2, - "Comment": 0, - "Blank": 1, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "Python", - "Bytes": 3086, - "CodeBytes": 0, - "Lines": 94, - "Code": 56, - "Comment": 21, - "Blank": 17, - "Complexity": 12, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - }, - { - "Name": "YAML", - "Bytes": 2975, - "CodeBytes": 0, - "Lines": 71, - "Code": 25, - "Comment": 37, - "Blank": 9, - "Complexity": 0, - "Count": 1, - "WeightedComplexity": 0, - "Files": [], - "LineLength": null, - "ULOC": 0 - } - ], - "estimatedCost_low": 30042.21948359698, - "estimatedScheduleMonths_low": 3.7598021102877883, - "estimatedPeople_low": 0.7784245699441691, - "estimatedCost_high": 93624.67699248635, - "estimatedScheduleMonths_high": 3.7598021102877883, - "estimatedPeople_high": 0.7784245699441691, - "dryness_table": "\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nLanguage Files Lines Blanks Comments Code Complexity\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nMarkdown 3 282 92 0 190 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nJSON 2 825 0 0 825 0\n(ULOC) 156\n-------------------------------------------------------------------------------\nCSV 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPlain Text 1 3 1 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPython 1 94 17 21 56 12\n(ULOC) 78\n-------------------------------------------------------------------------------\nYAML 1 71 9 37 25 0\n(ULOC) 56\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nTotal 10 1397 131 58 1208 12\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nUnique Lines of Code (ULOC) 532\nDRYness % 0.38\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nEstimated Cost to Develop (organic) $32,943\nEstimated Schedule Effort (organic) 3.76 months\nEstimated People Required (organic) 0.78\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nProcessed 49738 bytes, 0.050 megabytes (SI)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n" + "url": "https://github.com/DSACMS/reverse-scorecard-generation", + "owner": "DSACMS", + "name": "reverse-scorecard-generation", + "description": "Combine column-major HHS Zero Trust Scorecard Excel spreadsheets into a row-major CSV file.", + "commits_count": 4, + "issues_count": 0, + "open_issues_count": 0, + "closed_issues_count": 0, + "pull_requests_count": 0, + "open_pull_requests_count": 0, + "merged_pull_requests_count": 0, + "closed_pull_requests_count": 0, + "forks_count": 0, + "stargazers_count": 0, + "watchers_count": 1, + "created_at": "2024-08-01T03:10:28Z", + "predominant_langs": { + "Python": 3086 + }, + "group": "CMS/OA/DSAC", + "commits_by_month": { + "2024/8": 4 + }, + "cocomo": { + "languageSummary": [ + { + "Name": "Markdown", + "Bytes": 13344, + "CodeBytes": 0, + "Lines": 282, + "Code": 190, + "Comment": 0, + "Blank": 92, + "Complexity": 0, + "Count": 3, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "JSON", + "Bytes": 20845, + "CodeBytes": 0, + "Lines": 825, + "Code": 825, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 2, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "CSV", + "Bytes": 2360, + "CodeBytes": 0, + "Lines": 1, + "Code": 1, + "Comment": 0, + "Blank": 0, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "License", + "Bytes": 7047, + "CodeBytes": 0, + "Lines": 121, + "Code": 109, + "Comment": 0, + "Blank": 12, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Plain Text", + "Bytes": 81, + "CodeBytes": 0, + "Lines": 3, + "Code": 2, + "Comment": 0, + "Blank": 1, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "Python", + "Bytes": 3086, + "CodeBytes": 0, + "Lines": 94, + "Code": 56, + "Comment": 21, + "Blank": 17, + "Complexity": 12, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + }, + { + "Name": "YAML", + "Bytes": 2975, + "CodeBytes": 0, + "Lines": 71, + "Code": 25, + "Comment": 37, + "Blank": 9, + "Complexity": 0, + "Count": 1, + "WeightedComplexity": 0, + "Files": [], + "LineLength": null, + "ULOC": 0 + } + ], + "estimatedCost_low": 30042.21948359698, + "estimatedScheduleMonths_low": 3.7598021102877883, + "estimatedPeople_low": 0.7784245699441691, + "estimatedCost_high": 93624.67699248635, + "estimatedScheduleMonths_high": 3.7598021102877883, + "estimatedPeople_high": 0.7784245699441691, + "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nMarkdown 3 282 92 0 190 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nJSON 2 825 0 0 825 0\n(ULOC) 156\n-------------------------------------------------------------------------------\nCSV 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPlain Text 1 3 1 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPython 1 94 17 21 56 12\n(ULOC) 78\n-------------------------------------------------------------------------------\nYAML 1 71 9 37 25 0\n(ULOC) 56\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 1397 131 58 1208 12\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 532\nDRYness % 0.38\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $32,943\nEstimated Schedule Effort (organic) 3.76 months\nEstimated People Required (organic) 0.78\n───────────────────────────────────────────────────────────────────────────────\nProcessed 49738 bytes, 0.050 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" + }, + "ossf_scorecard": { + "date": "2025-01-19T13:19:28Z", + "repo": { + "name": "github.com/DSACMS/reverse-scorecard-generation", + "commit": "a7ce7b5f4823b38a2b13a3ac830cb07c5c0ee39a" }, - "ossf_scorecard": { - "date": "2025-01-19T13:19:28Z", - "repo": { - "name": "github.com/DSACMS/reverse-scorecard-generation", - "commit": "a7ce7b5f4823b38a2b13a3ac830cb07c5c0ee39a" - }, - "scorecard": { - "version": "v5.0.0-135-gd28512b6", - "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" - }, - "score": 3.6, - "checks": [ - { - "details": null, - "score": 10, - "reason": "no binaries found in the repo", - "name": "Binary-Artifacts", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", - "short": "Determines if the project has generated executable (binary) artifacts in the source repository." - } - }, - { - "details": null, - "score": 0, - "reason": "branch protection not enabled on development/release branches", - "name": "Branch-Protection", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", - "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." - } - }, - { - "details": null, - "score": -1, - "reason": "no pull request found", - "name": "CI-Tests", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", - "short": "Determines if the project runs tests before pull requests are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "no effort to earn an OpenSSF best practices badge detected", - "name": "CII-Best-Practices", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", - "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." - } - }, - { - "details": null, - "score": 0, - "reason": "Found 0/4 approved changesets -- score normalized to 0", - "name": "Code-Review", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", - "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." - } - }, - { - "details": null, - "score": 0, - "reason": "project has 0 contributing companies or organizations -- score normalized to 0", - "name": "Contributors", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", - "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." - } - }, - { - "details": null, - "score": 10, - "reason": "no dangerous workflow patterns detected", - "name": "Dangerous-Workflow", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", - "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." - } - }, - { - "details": null, - "score": 0, - "reason": "no update tool detected", - "name": "Dependency-Update-Tool", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", - "short": "Determines if the project uses a dependency update tool." - } - }, - { - "details": null, - "score": 0, - "reason": "project is not fuzzed", - "name": "Fuzzing", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", - "short": "Determines if the project uses fuzzing." - } - }, - { - "details": null, - "score": 10, - "reason": "license file detected", - "name": "License", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", - "short": "Determines if the project has defined a license." - } - }, - { - "details": null, - "score": 0, - "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", - "name": "Maintained", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", - "short": "Determines if the project is \"actively maintained\"." - } - }, - { - "details": null, - "score": -1, - "reason": "packaging workflow not detected", - "name": "Packaging", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", - "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." - } - }, - { - "details": null, - "score": 0, - "reason": "dependency not pinned by hash detected -- score normalized to 0", - "name": "Pinned-Dependencies", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", - "short": "Determines if the project has declared and pinned the dependencies of its build process." - } - }, - { - "details": null, - "score": 0, - "reason": "no SAST tool detected", - "name": "SAST", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", - "short": "Determines if the project uses static code analysis." - } - }, - { - "details": null, - "score": 10, - "reason": "security policy file detected", - "name": "Security-Policy", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", - "short": "Determines if the project has published a security policy." - } - }, - { - "details": null, - "score": -1, - "reason": "no releases found", - "name": "Signed-Releases", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", - "short": "Determines if the project cryptographically signs release artifacts." - } - }, - { - "details": null, - "score": 0, - "reason": "detected GitHub workflow tokens with excessive permissions", - "name": "Token-Permissions", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", - "short": "Determines if the project's workflows follow the principle of least privilege." - } - }, - { - "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", - "name": "Vulnerabilities", - "documentation": { - "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", - "short": "Determines if the project has open, known unfixed vulnerabilities." - } - } - ], - "metadata": null + "scorecard": { + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "total_project_lines": 1397, - "average_project_lines": 140, - "total_project_comment_lines": 58, - "average_project_comment_lines": 6, - "total_project_blank_lines": 131, - "average_blank_lines": 13, - "average_issue_resolution_time": [], - "new_commit_contributors_by_day_over_last_month": [], - "new_commit_contributors_by_day_over_last_six_months": [ - [ - "2024-08-12T00:00:00.000Z", - 1 - ] + "score": 3.6, + "checks": [ + { + "details": null, + "score": 10, + "reason": "no binaries found in the repo", + "name": "Binary-Artifacts", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", + "short": "Determines if the project has generated executable (binary) artifacts in the source repository." + } + }, + { + "details": null, + "score": 0, + "reason": "branch protection not enabled on development/release branches", + "name": "Branch-Protection", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", + "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." + } + }, + { + "details": null, + "score": -1, + "reason": "no pull request found", + "name": "CI-Tests", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", + "short": "Determines if the project runs tests before pull requests are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "no effort to earn an OpenSSF best practices badge detected", + "name": "CII-Best-Practices", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", + "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." + } + }, + { + "details": null, + "score": 0, + "reason": "Found 0/4 approved changesets -- score normalized to 0", + "name": "Code-Review", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", + "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." + } + }, + { + "details": null, + "score": 0, + "reason": "project has 0 contributing companies or organizations -- score normalized to 0", + "name": "Contributors", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", + "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." + } + }, + { + "details": null, + "score": 10, + "reason": "no dangerous workflow patterns detected", + "name": "Dangerous-Workflow", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", + "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." + } + }, + { + "details": null, + "score": 0, + "reason": "no update tool detected", + "name": "Dependency-Update-Tool", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", + "short": "Determines if the project uses a dependency update tool." + } + }, + { + "details": null, + "score": 0, + "reason": "project is not fuzzed", + "name": "Fuzzing", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", + "short": "Determines if the project uses fuzzing." + } + }, + { + "details": null, + "score": 10, + "reason": "license file detected", + "name": "License", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", + "short": "Determines if the project has defined a license." + } + }, + { + "details": null, + "score": 0, + "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", + "name": "Maintained", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", + "short": "Determines if the project is \"actively maintained\"." + } + }, + { + "details": null, + "score": -1, + "reason": "packaging workflow not detected", + "name": "Packaging", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", + "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." + } + }, + { + "details": null, + "score": 0, + "reason": "dependency not pinned by hash detected -- score normalized to 0", + "name": "Pinned-Dependencies", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", + "short": "Determines if the project has declared and pinned the dependencies of its build process." + } + }, + { + "details": null, + "score": 0, + "reason": "no SAST tool detected", + "name": "SAST", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", + "short": "Determines if the project uses static code analysis." + } + }, + { + "details": null, + "score": 10, + "reason": "security policy file detected", + "name": "Security-Policy", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", + "short": "Determines if the project has published a security policy." + } + }, + { + "details": null, + "score": -1, + "reason": "no releases found", + "name": "Signed-Releases", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", + "short": "Determines if the project cryptographically signs release artifacts." + } + }, + { + "details": null, + "score": 0, + "reason": "detected GitHub workflow tokens with excessive permissions", + "name": "Token-Permissions", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", + "short": "Determines if the project's workflows follow the principle of least privilege." + } + }, + { + "details": null, + "score": 10, + "reason": "0 existing vulnerabilities detected", + "name": "Vulnerabilities", + "documentation": { + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", + "short": "Determines if the project has open, known unfixed vulnerabilities." + } + } + ], + "metadata": null + }, + "total_project_lines": 1397, + "average_project_lines": 140, + "total_project_comment_lines": 58, + "average_project_comment_lines": 6, + "total_project_blank_lines": 131, + "average_blank_lines": 13, + "average_issue_resolution_time": [], + "new_commit_contributors_by_day_over_last_month": [], + "new_commit_contributors_by_day_over_last_six_months": [ + [ + "2024-08-12T00:00:00.000Z", + 1 + ] + ], + "new_issues_by_day_over_last_month": [], + "new_issues_by_day_over_last_six_months": [], + "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", + "nadia_color": "0000ff", + "nadia_badge_name": "toy", + "repo_dependency_libyear_list": [ + [ + "Automatically", + -1.0, + "2024-12-17T15:56:00.000" ], - "new_issues_by_day_over_last_month": [], - "new_issues_by_day_over_last_six_months": [], - "nadia_shields_badge_url": "https://img.shields.io/static/v1?label=project+type&message=toy&color=0000ff", - "nadia_color": "0000ff", - "nadia_badge_name": "toy", - "repo_dependency_libyear_list": [ - [ - "Automatically", - -1.0, - "2024-12-17T15:56:00.000" - ], - [ - "openpyxl", - 1.298630137, - "2024-12-17T15:56:00.000" - ] + [ + "openpyxl", + 1.298630137, + "2024-12-17T15:56:00.000" ] -} \ No newline at end of file + ] +}