From f7fd2cc24a58bea822c91f53cbebaad7fdb65300 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Sun, 19 Jan 2025 14:44:53 +0000 Subject: [PATCH] update measureauthoringtool data: Sun Jan 19 14:44:53 UTC 2025 --- .../bonnie-patient-conversion_data.json | 42 ++++++------- .../bonnie/bonnie_data.json | 44 +++++++------- .../bonnie_bundler/bonnie_bundler_data.json | 42 ++++++------- .../clinical_quality_language_data.json | 44 +++++++------- .../clyde/clyde_data.json | 42 ++++++------- .../cql-antlr-parser_data.json | 42 ++++++------- .../cql-exec-fhir/cql-exec-fhir_data.json | 44 +++++++------- .../cql-execution/cql-execution_data.json | 44 +++++++------- .../cql-library-service_data.json | 50 ++++++++-------- .../cql-validation-service_data.json | 42 ++++++------- .../cql_poc/cql_poc_data.json | 42 ++++++------- .../cql_qdm_patientapi_data.json | 42 ++++++------- .../cqltoelm/cqltoelm_data.json | 44 +++++++------- .../dynamicmoduleloading_data.json | 42 ++++++------- .../excel-export/excel-export_data.json | 48 +++++++-------- .../execution-lambda_data.json | 44 +++++++------- .../fhir-mongoid-models_data.json | 42 ++++++------- .../fhir-mongoose-models_data.json | 44 +++++++------- .../fhir-typescript-models_data.json | 42 ++++++------- .../hapi-fhir-jpaserver-starter_data.json | 48 +++++++-------- .../health-data-standards_data.json | 42 ++++++------- .../madie-auth/madie-auth_data.json | 42 ++++++------- .../madie-components_data.json | 42 ++++++------- .../madie-cql-library_data.json | 42 ++++++------- .../madie-cypress/madie-cypress_data.json | 48 +++++++-------- .../madie-design-system_data.json | 44 +++++++------- .../madie-editor/madie-editor_data.json | 44 +++++++------- .../madie-fhir-elm-translator_data.json | 44 +++++++------- .../madie-fhir-service_data.json | 44 +++++++------- .../madie-frontend-template_data.json | 42 ++++++------- .../madie-java-models_data.json | 46 +++++++------- .../madie-layout/madie-layout_data.json | 42 ++++++------- .../madie-measure/madie-measure_data.json | 52 ++++++++-------- .../madie-models/madie-models_data.json | 42 ++++++------- .../madie-patient/madie-patient_data.json | 46 +++++++------- .../madie-public/madie-public_data.json | 42 ++++++------- .../madie-qdm-elm-translation_data.json | 44 +++++++------- .../madie-qdm-service_data.json | 44 +++++++------- .../madie-rest-commons_data.json | 42 ++++++------- .../madie-root/madie-root_data.json | 42 ++++++------- .../madie-server-commons_data.json | 42 ++++++------- .../madie-translator-commons_data.json | 44 +++++++------- .../madie-util/madie-util_data.json | 42 ++++++------- .../mat-drupal/mat-drupal_data.json | 42 ++++++------- .../mat-fhir-jpaserver_data.json | 42 ++++++------- .../mat-iac/mat-iac_data.json | 42 ++++++------- .../mat-public-website-portlets_data.json | 44 +++++++------- .../mat-tomcat/mat-tomcat_data.json | 42 ++++++------- .../mat_automation_cypress_data.json | 42 ++++++------- .../mat_automation_selenium_data.json | 42 ++++++------- .../mat_framework_for_vsac_data.json | 42 ++++++------- .../measure-authoring-tool-frontend_data.json | 46 +++++++------- .../measure-authoring-tool-server_data.json | 42 ++++++------- .../measure-service/measure-service_data.json | 46 +++++++------- .../measure-transfer-lambda_data.json | 42 ++++++------- .../measureauthoringtool_data.json | 42 ++++++------- ...easureauthoringtool_latestsprint_data.json | 42 ++++++------- .../measureauthoringtool_release_data.json | 42 ++++++------- .../model-info-parser_data.json | 42 ++++++------- .../package-service/package-service_data.json | 42 ++++++------- .../packaging-utility_data.json | 54 ++++++++--------- .../qdm-qicore-conversion_data.json | 44 +++++++------- .../qrda-export-service_data.json | 42 ++++++------- .../serviceutil/serviceutil_data.json | 42 ++++++------- .../styleguide/styleguide_data.json | 42 ++++++------- .../terminology-service_data.json | 46 +++++++------- .../test-case-service_data.json | 42 ++++++------- .../virus-scan-service_data.json | 60 +++++++++---------- .../vsac-client-service_data.json | 44 +++++++------- .../vsac-groovy-framework_data.json | 42 ++++++------- .../measureauthoringtool/vsac/vsac_data.json | 44 +++++++------- .../vsacterminologyserviceinterface_data.json | 42 ++++++------- 72 files changed, 1573 insertions(+), 1573 deletions(-) diff --git a/app/site/_data/measureauthoringtool/bonnie-patient-conversion/bonnie-patient-conversion_data.json b/app/site/_data/measureauthoringtool/bonnie-patient-conversion/bonnie-patient-conversion_data.json index 65c81d83f1..e2c26687e9 100644 --- a/app/site/_data/measureauthoringtool/bonnie-patient-conversion/bonnie-patient-conversion_data.json +++ b/app/site/_data/measureauthoringtool/bonnie-patient-conversion/bonnie-patient-conversion_data.json @@ -145,14 +145,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 155 9845 2038 100 7707 457\n(ULOC) 3269\n-------------------------------------------------------------------------------\nMarkdown 40 2665 141 0 2524 0\n(ULOC) 891\n-------------------------------------------------------------------------------\nJSON 7 24828 0 0 24828 0\n(ULOC) 3372\n-------------------------------------------------------------------------------\nYAML 2 62 10 0 52 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nPlain Text 1 16 2 0 14 0\n(ULOC) 15\n-------------------------------------------------------------------------------\nXML 1 132 6 1 125 0\n(ULOC) 86\n───────────────────────────────────────────────────────────────────────────────\nTotal 206 37548 2197 101 35250 457\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 7636\nDRYness % 0.20\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,137,921\nEstimated Schedule Effort (organic) 14.45 months\nEstimated People Required (organic) 7.00\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1258729 bytes, 1.259 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:35:20Z", + "date": "2025-01-19T14:37:04Z", "repo": { "name": "github.com/measureauthoringtool/bonnie-patient-conversion", "commit": "2b49ce0f84ae0f01a8c17edcc95944def250ac6f" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.3, "checks": [ @@ -162,7 +162,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -172,7 +172,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -182,7 +182,7 @@ "reason": "2 out of 12 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -192,7 +192,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -202,7 +202,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -212,7 +212,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -222,7 +222,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -232,7 +232,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -242,7 +242,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -252,7 +252,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -262,7 +262,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -272,7 +272,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -282,7 +282,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -292,7 +292,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -302,7 +302,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -312,7 +312,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -322,7 +322,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -332,7 +332,7 @@ "reason": "45 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/bonnie/bonnie_data.json b/app/site/_data/measureauthoringtool/bonnie/bonnie_data.json index 698b64bbe1..6e8a3d2d44 100644 --- a/app/site/_data/measureauthoringtool/bonnie/bonnie_data.json +++ b/app/site/_data/measureauthoringtool/bonnie/bonnie_data.json @@ -532,14 +532,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 756 329645 38215 30730 260700 43846\n(ULOC) 88300\n-------------------------------------------------------------------------------\nJSON 641 8825755 7089 0 8818666 0\n(ULOC) 781774\n-------------------------------------------------------------------------------\nCoffeeScript 139 12796 1899 1528 9369 1389\n(ULOC) 7984\n-------------------------------------------------------------------------------\nLESS 114 14475 1621 1760 11094 0\n(ULOC) 8376\n-------------------------------------------------------------------------------\nRuby 100 10341 1451 1329 7561 346\n(ULOC) 5481\n-------------------------------------------------------------------------------\nYAML 93 203530 188 352 202990 0\n(ULOC) 31604\n-------------------------------------------------------------------------------\nHandlebars 87 2727 127 5 2595 18\n(ULOC) 1480\n-------------------------------------------------------------------------------\nMarkdown 58 6727 2091 0 4636 0\n(ULOC) 3560\n-------------------------------------------------------------------------------\nHTML 54 15102 1144 25 13933 0\n(ULOC) 8220\n-------------------------------------------------------------------------------\nCSS 41 23905 1596 369 21940 0\n(ULOC) 8353\n-------------------------------------------------------------------------------\nRuby HTML 37 1303 81 3 1219 109\n(ULOC) 843\n-------------------------------------------------------------------------------\nSVG 21 14668 0 0 14668 0\n(ULOC) 8099\n-------------------------------------------------------------------------------\nLicense 19 732 130 0 602 0\n(ULOC) 299\n-------------------------------------------------------------------------------\nSass 18 2879 232 107 2540 0\n(ULOC) 2301\n-------------------------------------------------------------------------------\nPlain Text 13 828 80 0 748 0\n(ULOC) 692\n-------------------------------------------------------------------------------\nShell 10 264 27 43 194 13\n(ULOC) 176\n-------------------------------------------------------------------------------\nReStructuredText 8 1727 616 0 1111 0\n(ULOC) 859\n-------------------------------------------------------------------------------\nCSV 4 12 0 0 12 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nXML 4 3933 16 131 3786 0\n(ULOC) 783\n-------------------------------------------------------------------------------\nRakefile 3 69 10 7 52 4\n(ULOC) 50\n-------------------------------------------------------------------------------\nMakefile 2 165 27 5 133 6\n(ULOC) 121\n-------------------------------------------------------------------------------\nnuspec 2 68 6 0 62 0\n(ULOC) 38\n-------------------------------------------------------------------------------\nBatch 1 190 23 1 166 65\n(ULOC) 98\n-------------------------------------------------------------------------------\nDocker ignore 1 8 2 1 5 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nDockerfile 1 29 7 0 22 14\n(ULOC) 23\n-------------------------------------------------------------------------------\nGemfile 1 98 20 12 66 0\n(ULOC) 76\n-------------------------------------------------------------------------------\nPowershell 1 2 0 1 1 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nPython 1 249 68 150 31 0\n(ULOC) 172\n-------------------------------------------------------------------------------\nTOML 1 171 37 0 134 1\n(ULOC) 100\n-------------------------------------------------------------------------------\nTypeScript Typings 1 536 78 98 360 69\n(ULOC) 372\n───────────────────────────────────────────────────────────────────────────────\nTotal 2232 9472934 56881 36657 9379396 45880\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 957464\nDRYness % 0.10\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $400,293,872\nEstimated Schedule Effort (organic) 134.07 months\nEstimated People Required (organic) 265.26\n───────────────────────────────────────────────────────────────────────────────\nProcessed 390176970 bytes, 390.177 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:30:38Z", + "date": "2025-01-19T14:32:06Z", "repo": { "name": "github.com/measureauthoringtool/bonnie", "commit": "b4b5ac2a71159ca445182e18a128bf913242e1b5" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.6, "checks": [ @@ -549,7 +549,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -559,7 +559,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -569,7 +569,7 @@ "reason": "8 out of 15 merged PRs checked by a CI test -- score normalized to 5", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -579,7 +579,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -589,7 +589,7 @@ "reason": "Found 13/16 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -599,7 +599,7 @@ "reason": "project has 20 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -609,7 +609,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -619,7 +619,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -629,7 +629,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -639,7 +639,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -649,7 +649,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -659,7 +659,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -669,7 +669,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 1", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -679,7 +679,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -689,7 +689,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -699,7 +699,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -709,17 +709,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "55 existing vulnerabilities detected", + "reason": "56 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/bonnie_bundler/bonnie_bundler_data.json b/app/site/_data/measureauthoringtool/bonnie_bundler/bonnie_bundler_data.json index e3766bb438..f0417a1a7d 100644 --- a/app/site/_data/measureauthoringtool/bonnie_bundler/bonnie_bundler_data.json +++ b/app/site/_data/measureauthoringtool/bonnie_bundler/bonnie_bundler_data.json @@ -171,14 +171,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nYAML 46 102247 7 6 102234 0\n(ULOC) 21601\n-------------------------------------------------------------------------------\nRuby 31 4015 481 378 3156 272\n(ULOC) 2318\n-------------------------------------------------------------------------------\nMarkdown 4 84 21 0 63 0\n(ULOC) 55\n-------------------------------------------------------------------------------\nGemfile 1 29 4 10 15 0\n(ULOC) 25\n-------------------------------------------------------------------------------\nPlain Text 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nRakefile 1 29 5 1 23 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nTOML 1 268 57 14 197 1\n(ULOC) 164\n───────────────────────────────────────────────────────────────────────────────\nTotal 85 106873 607 409 105857 273\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 24341\nDRYness % 0.23\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,610,363\nEstimated Schedule Effort (organic) 22.40 months\nEstimated People Required (organic) 14.32\n───────────────────────────────────────────────────────────────────────────────\nProcessed 7972691 bytes, 7.973 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:14Z", + "date": "2025-01-19T14:32:41Z", "repo": { "name": "github.com/measureauthoringtool/bonnie_bundler", "commit": "c47c530c9d69556e0cde7a9685f47744d9e4a0f0" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.5, "checks": [ @@ -188,7 +188,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -198,7 +198,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -208,7 +208,7 @@ "reason": "0 out of 23 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -218,7 +218,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -228,7 +228,7 @@ "reason": "Found 18/24 approved changesets -- score normalized to 7", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -238,7 +238,7 @@ "reason": "project has 12 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -248,7 +248,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -258,7 +258,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -268,7 +268,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -278,7 +278,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -288,7 +288,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -298,7 +298,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -308,7 +308,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -318,7 +318,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -328,7 +328,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -338,7 +338,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -348,7 +348,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -358,7 +358,7 @@ "reason": "67 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/clinical_quality_language/clinical_quality_language_data.json b/app/site/_data/measureauthoringtool/clinical_quality_language/clinical_quality_language_data.json index de9048a2bd..1b312c3ded 100644 --- a/app/site/_data/measureauthoringtool/clinical_quality_language/clinical_quality_language_data.json +++ b/app/site/_data/measureauthoringtool/clinical_quality_language/clinical_quality_language_data.json @@ -330,14 +330,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nXML Schema 381 235640 3017 0 232623 0\n(ULOC) 26893\n-------------------------------------------------------------------------------\nCoffeeScript 202 114571 5175 14227 95169 2456\n(ULOC) 14900\n-------------------------------------------------------------------------------\nJava 172 28025 4199 4233 19593 2924\n(ULOC) 11901\n-------------------------------------------------------------------------------\nXML 62 71031 105 96 70830 0\n(ULOC) 14358\n-------------------------------------------------------------------------------\nC# 30 7654 1036 526 6092 180\n(ULOC) 2644\n-------------------------------------------------------------------------------\nJSON 23 12855 18 0 12837 0\n(ULOC) 2328\n-------------------------------------------------------------------------------\nGradle 13 510 91 6 413 0\n(ULOC) 283\n-------------------------------------------------------------------------------\nMSBuild 13 1401 28 216 1157 132\n(ULOC) 568\n-------------------------------------------------------------------------------\nMarkdown 9 782 221 0 561 0\n(ULOC) 471\n-------------------------------------------------------------------------------\nProperties File 5 124 8 43 73 0\n(ULOC) 107\n-------------------------------------------------------------------------------\nBatch 4 184 48 0 136 46\n(ULOC) 63\n-------------------------------------------------------------------------------\nPlain Text 3 84 14 0 70 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nBASH 2 328 40 44 244 40\n(ULOC) 121\n-------------------------------------------------------------------------------\nHTML 2 706 3 0 703 0\n(ULOC) 320\n-------------------------------------------------------------------------------\nYAML 2 42 4 0 38 0\n(ULOC) 39\n-------------------------------------------------------------------------------\nJavaScript 1 43089 11889 9340 21860 2837\n(ULOC) 10895\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nSQL 1 40 6 0 34 1\n(ULOC) 35\n───────────────────────────────────────────────────────────────────────────────\nTotal 926 517187 25914 28731 462542 8616\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 85432\nDRYness % 0.17\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $16,982,595\nEstimated Schedule Effort (organic) 40.35 months\nEstimated People Required (organic) 37.39\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25201224 bytes, 25.201 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:13Z", + "date": "2025-01-19T14:33:43Z", "repo": { "name": "github.com/measureauthoringtool/clinical_quality_language", "commit": "9c5b948e77dbd5fa1fd6ab315431b40d26fa6c24" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.4, "checks": [ @@ -347,7 +347,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -357,7 +357,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -367,7 +367,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -377,7 +377,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -387,7 +387,7 @@ "reason": "Found 3/27 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -397,7 +397,7 @@ "reason": "project has 8 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -407,7 +407,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -417,7 +417,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -427,7 +427,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -437,7 +437,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -447,7 +447,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -457,7 +457,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -467,7 +467,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -477,7 +477,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -487,7 +487,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -497,7 +497,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -507,17 +507,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "25 existing vulnerabilities detected", + "reason": "26 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/clyde/clyde_data.json b/app/site/_data/measureauthoringtool/clyde/clyde_data.json index 4889bce053..510e3630c3 100644 --- a/app/site/_data/measureauthoringtool/clyde/clyde_data.json +++ b/app/site/_data/measureauthoringtool/clyde/clyde_data.json @@ -341,14 +341,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 13 646 85 9 552 8\n(ULOC) 383\n-------------------------------------------------------------------------------\nCSS 4 171986 38184 212 133590 0\n(ULOC) 44862\n-------------------------------------------------------------------------------\nJSON 3 117 0 0 117 0\n(ULOC) 105\n-------------------------------------------------------------------------------\nJavaScript 3 28 0 0 28 0\n(ULOC) 24\n-------------------------------------------------------------------------------\nMarkdown 2 46 18 0 28 0\n(ULOC) 29\n-------------------------------------------------------------------------------\nTypeScript Typings 2 32 4 7 21 1\n(ULOC) 24\n-------------------------------------------------------------------------------\nYAML 2 79 13 0 66 0\n(ULOC) 58\n-------------------------------------------------------------------------------\nHTML 1 40 1 23 16 0\n(ULOC) 35\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPlain Text 1 3 0 0 3 0\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 32 173098 38317 251 134530 9\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 45608\nDRYness % 0.26\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,643,606\nEstimated Schedule Effort (organic) 24.65 months\nEstimated People Required (organic) 16.74\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3601371 bytes, 3.601 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:35:39Z", + "date": "2025-01-19T14:37:27Z", "repo": { "name": "github.com/measureauthoringtool/clyde", "commit": "664fd7605a7634b4b298548bea514830207ee3e0" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.6, "checks": [ @@ -358,7 +358,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -368,7 +368,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -378,7 +378,7 @@ "reason": "0 out of 16 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -388,7 +388,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -398,7 +398,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -408,7 +408,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -418,7 +418,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -428,7 +428,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -438,7 +438,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -448,7 +448,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -458,7 +458,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -468,7 +468,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -478,7 +478,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -488,7 +488,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -498,7 +498,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -508,7 +508,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -518,7 +518,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -528,7 +528,7 @@ "reason": "86 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql-antlr-parser/cql-antlr-parser_data.json b/app/site/_data/measureauthoringtool/cql-antlr-parser/cql-antlr-parser_data.json index 8c5b9e9765..103cfcf6e5 100644 --- a/app/site/_data/measureauthoringtool/cql-antlr-parser/cql-antlr-parser_data.json +++ b/app/site/_data/measureauthoringtool/cql-antlr-parser/cql-antlr-parser_data.json @@ -275,14 +275,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 44 20691 1085 3516 16090 4091\n(ULOC) 7689\n-------------------------------------------------------------------------------\nYAML 4 181 27 7 147 0\n(ULOC) 100\n-------------------------------------------------------------------------------\nJSON 2 73 0 0 73 0\n(ULOC) 66\n-------------------------------------------------------------------------------\nJavaScript 2 77 0 1 76 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nMarkdown 2 44 15 0 29 0\n(ULOC) 30\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 55 21187 1139 3524 16524 4091\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 8045\nDRYness % 0.38\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $513,589\nEstimated Schedule Effort (organic) 10.68 months\nEstimated People Required (organic) 4.27\n───────────────────────────────────────────────────────────────────────────────\nProcessed 720293 bytes, 0.720 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:35:56Z", + "date": "2025-01-19T14:37:47Z", "repo": { "name": "github.com/measureauthoringtool/cql-antlr-parser", "commit": "aef9f1cc18c9164895d64f1ef6a84d015e789f5e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 6.6, "checks": [ @@ -292,7 +292,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -302,7 +302,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -312,7 +312,7 @@ "reason": "10 out of 10 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -322,7 +322,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -332,7 +332,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -342,7 +342,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -352,7 +352,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -362,7 +362,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -372,7 +372,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -382,7 +382,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -392,7 +392,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -402,7 +402,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -412,7 +412,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -422,7 +422,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -432,7 +432,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -442,7 +442,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -452,7 +452,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -462,7 +462,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql-exec-fhir/cql-exec-fhir_data.json b/app/site/_data/measureauthoringtool/cql-exec-fhir/cql-exec-fhir_data.json index f79b7ed286..afe2f89c8a 100644 --- a/app/site/_data/measureauthoringtool/cql-exec-fhir/cql-exec-fhir_data.json +++ b/app/site/_data/measureauthoringtool/cql-exec-fhir/cql-exec-fhir_data.json @@ -187,14 +187,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 12 76983 0 0 76983 0\n(ULOC) 5615\n-------------------------------------------------------------------------------\nJavaScript 11 38540 259 164 38117 247\n(ULOC) 11462\n-------------------------------------------------------------------------------\nXML 4 36316 0 0 36316 0\n(ULOC) 10592\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 1 54 17 0 37 0\n(ULOC) 33\n-------------------------------------------------------------------------------\nYAML 1 4 1 0 3 0\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 30 152098 309 164 151625 247\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 17270\nDRYness % 0.11\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,265,076\nEstimated Schedule Effort (organic) 25.86 months\nEstimated People Required (organic) 18.09\n───────────────────────────────────────────────────────────────────────────────\nProcessed 7155141 bytes, 7.155 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:35:13Z", + "date": "2025-01-19T14:36:56Z", "repo": { "name": "github.com/measureauthoringtool/cql-exec-fhir", "commit": "f8ae7229e150fadd56009f971da01a9573a26e4d" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.5, "checks": [ @@ -204,7 +204,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -214,7 +214,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -224,7 +224,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -234,7 +234,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -244,7 +244,7 @@ "reason": "Found 0/30 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -254,7 +254,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -264,7 +264,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -274,7 +274,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -284,7 +284,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -294,7 +294,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -304,7 +304,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -314,7 +314,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -324,7 +324,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -334,7 +334,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -344,7 +344,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -354,7 +354,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -364,17 +364,17 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "21 existing vulnerabilities detected", + "reason": "22 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql-execution/cql-execution_data.json b/app/site/_data/measureauthoringtool/cql-execution/cql-execution_data.json index ff39b4af75..a6e68c8d60 100644 --- a/app/site/_data/measureauthoringtool/cql-execution/cql-execution_data.json +++ b/app/site/_data/measureauthoringtool/cql-execution/cql-execution_data.json @@ -293,14 +293,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nCoffeeScript 215 302018 6958 16088 278972 3306\n(ULOC) 33745\n-------------------------------------------------------------------------------\nJSON 4 359 2 0 357 0\n(ULOC) 208\n-------------------------------------------------------------------------------\nMarkdown 4 433 101 0 332 0\n(ULOC) 266\n-------------------------------------------------------------------------------\nShell 3 218 28 26 164 29\n(ULOC) 153\n-------------------------------------------------------------------------------\nBatch 1 84 23 0 61 20\n(ULOC) 55\n-------------------------------------------------------------------------------\nGradle 1 27 5 0 22 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nHTML 1 134 0 0 134 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nJava 1 232 20 2 210 47\n(ULOC) 175\n-------------------------------------------------------------------------------\nJavaScript 1 61266 13161 9811 38294 5428\n(ULOC) 18583\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nProperties File 1 5 0 0 5 0\n(ULOC) 6\n-------------------------------------------------------------------------------\nYAML 1 18 0 0 18 0\n(ULOC) 19\n───────────────────────────────────────────────────────────────────────────────\nTotal 234 364995 20330 25927 318738 8830\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 53280\nDRYness % 0.15\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $11,486,847\nEstimated Schedule Effort (organic) 34.78 months\nEstimated People Required (organic) 29.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 13184540 bytes, 13.185 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:34:28Z", + "date": "2025-01-19T14:36:06Z", "repo": { "name": "github.com/measureauthoringtool/cql-execution", "commit": "3d6fab9df2809ea032999c4ed516b2843f920506" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.4, "checks": [ @@ -310,7 +310,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -320,7 +320,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -330,7 +330,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -340,7 +340,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -350,7 +350,7 @@ "reason": "Found 0/30 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -360,7 +360,7 @@ "reason": "project has 10 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -370,7 +370,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -380,7 +380,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -390,7 +390,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -400,7 +400,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -410,7 +410,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -420,7 +420,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -430,7 +430,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -440,7 +440,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -450,7 +450,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -460,7 +460,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -470,17 +470,17 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "35 existing vulnerabilities detected", + "reason": "36 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql-library-service/cql-library-service_data.json b/app/site/_data/measureauthoringtool/cql-library-service/cql-library-service_data.json index 4cb1d8edf4..44b7801d2b 100644 --- a/app/site/_data/measureauthoringtool/cql-library-service/cql-library-service_data.json +++ b/app/site/_data/measureauthoringtool/cql-library-service/cql-library-service_data.json @@ -239,14 +239,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 63 6591 733 83 5775 99\n(ULOC) 2539\n-------------------------------------------------------------------------------\nYAML 8 162 27 3 132 0\n(ULOC) 117\n-------------------------------------------------------------------------------\nXML 4 564 33 22 509 0\n(ULOC) 351\n-------------------------------------------------------------------------------\nMarkdown 2 56 18 0 38 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nBatch 1 188 35 0 153 27\n(ULOC) 134\n-------------------------------------------------------------------------------\nDockerfile 1 19 5 5 9 1\n(ULOC) 15\n-------------------------------------------------------------------------------\nJavaScript 1 27 7 0 20 0\n(ULOC) 16\n-------------------------------------------------------------------------------\nProperties File 1 2 0 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nShell 1 316 27 54 235 35\n(ULOC) 216\n───────────────────────────────────────────────────────────────────────────────\nTotal 82 7925 885 167 6873 162\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3416\nDRYness % 0.43\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $204,455\nEstimated Schedule Effort (organic) 7.52 months\nEstimated People Required (organic) 2.41\n───────────────────────────────────────────────────────────────────────────────\nProcessed 309529 bytes, 0.310 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:40:19Z", + "date": "2025-01-19T14:42:17Z", "repo": { "name": "github.com/measureauthoringtool/cql-library-service", - "commit": "226dd9d4b985d8ec179a85a0ba82d43da56a72ec" + "commit": "0a8da12dcec4259248c3b22032f177f49327a35d" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.4, "checks": [ @@ -256,7 +256,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -266,17 +266,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 10, - "reason": "11 out of 11 merged PRs checked by a CI test -- score normalized to 10", + "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -286,7 +286,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -296,7 +296,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -306,7 +306,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -316,7 +316,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -326,7 +326,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -336,7 +336,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -346,17 +346,17 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, - "score": 10, - "reason": "12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "score": 9, + "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -366,7 +366,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -376,7 +376,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -386,7 +386,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -396,7 +396,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -406,7 +406,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -416,7 +416,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -426,7 +426,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql-validation-service/cql-validation-service_data.json b/app/site/_data/measureauthoringtool/cql-validation-service/cql-validation-service_data.json index 6d7dbca007..a947bead0b 100644 --- a/app/site/_data/measureauthoringtool/cql-validation-service/cql-validation-service_data.json +++ b/app/site/_data/measureauthoringtool/cql-validation-service/cql-validation-service_data.json @@ -76,14 +76,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 2 123 12 0 111 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 112\nDRYness % 0.91\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,686\nEstimated Schedule Effort (organic) 1.45 months\nEstimated People Required (organic) 0.16\n───────────────────────────────────────────────────────────────────────────────\nProcessed 7094 bytes, 0.007 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:59Z", + "date": "2025-01-19T14:43:59Z", "repo": { "name": "github.com/measureauthoringtool/cql-validation-service", "commit": "b9e11016034f9da054fabc0c7bdc0400dd10bc5e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.3, "checks": [ @@ -93,7 +93,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -103,7 +103,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -113,7 +113,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -123,7 +123,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -133,7 +133,7 @@ "reason": "Found 0/1 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -143,7 +143,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -153,7 +153,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -163,7 +163,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -173,7 +173,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -183,7 +183,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -193,7 +193,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -203,7 +203,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -213,7 +213,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -223,7 +223,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -233,7 +233,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -243,7 +243,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -253,7 +253,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -263,7 +263,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql_poc/cql_poc_data.json b/app/site/_data/measureauthoringtool/cql_poc/cql_poc_data.json index d1c80e8f4e..dbe7b819b1 100644 --- a/app/site/_data/measureauthoringtool/cql_poc/cql_poc_data.json +++ b/app/site/_data/measureauthoringtool/cql_poc/cql_poc_data.json @@ -207,14 +207,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 611 462384 28909 470 433005 75709\n(ULOC) 63629\n-------------------------------------------------------------------------------\nJava 30 4375 507 2020 1848 133\n(ULOC) 2363\n-------------------------------------------------------------------------------\nHTML 7 42611 181 39793 2637 0\n(ULOC) 6632\n-------------------------------------------------------------------------------\nXML 5 99 7 50 42 0\n(ULOC) 87\n-------------------------------------------------------------------------------\nCSS 4 9643 1263 48 8332 0\n(ULOC) 3448\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 12 4 0 8 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nPlain Text 1 2 0 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nProperties File 1 13 1 11 1 0\n(ULOC) 12\n-------------------------------------------------------------------------------\nYAML 1 28 3 0 25 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 662 519288 30887 42392 446009 75842\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 76217\nDRYness % 0.15\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $16,345,798\nEstimated Schedule Effort (organic) 39.77 months\nEstimated People Required (organic) 36.52\n───────────────────────────────────────────────────────────────────────────────\nProcessed 30917584 bytes, 30.918 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:52Z", + "date": "2025-01-19T14:33:23Z", "repo": { "name": "github.com/measureauthoringtool/cql_poc", "commit": "e76e204b2756ad59d13356dffa92bf9f20532864" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.3, "checks": [ @@ -224,7 +224,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -234,7 +234,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -244,7 +244,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -254,7 +254,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -264,7 +264,7 @@ "reason": "Found 2/17 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -274,7 +274,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -284,7 +284,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -294,7 +294,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -304,7 +304,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -314,7 +314,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -324,7 +324,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -334,7 +334,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -344,7 +344,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -354,7 +354,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -364,7 +364,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -374,7 +374,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -384,7 +384,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -394,7 +394,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cql_qdm_patientapi/cql_qdm_patientapi_data.json b/app/site/_data/measureauthoringtool/cql_qdm_patientapi/cql_qdm_patientapi_data.json index 5ba49aa24d..3f24a15e59 100644 --- a/app/site/_data/measureauthoringtool/cql_qdm_patientapi/cql_qdm_patientapi_data.json +++ b/app/site/_data/measureauthoringtool/cql_qdm_patientapi/cql_qdm_patientapi_data.json @@ -271,14 +271,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 318 181772 24062 14010 143700 16861\n(ULOC) 43888\n-------------------------------------------------------------------------------\nCoffeeScript 60 5887 652 1642 3593 534\n(ULOC) 1857\n-------------------------------------------------------------------------------\nRuby 25 542 107 314 121 4\n(ULOC) 367\n-------------------------------------------------------------------------------\nMarkdown 7 713 240 0 473 0\n(ULOC) 449\n-------------------------------------------------------------------------------\nYAML 4 89 10 30 49 0\n(ULOC) 73\n-------------------------------------------------------------------------------\nHTML 3 200 15 3 182 0\n(ULOC) 62\n-------------------------------------------------------------------------------\nJSON 3 191 0 0 191 0\n(ULOC) 98\n-------------------------------------------------------------------------------\nRakefile 3 42 9 4 29 0\n(ULOC) 31\n-------------------------------------------------------------------------------\nLicense 2 223 35 0 188 0\n(ULOC) 187\n-------------------------------------------------------------------------------\nCSS 1 15 0 15 0 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nGemfile 1 9 2 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nRuby HTML 1 14 2 0 12 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nTOML 1 268 57 14 197 1\n(ULOC) 164\n-------------------------------------------------------------------------------\nTypeScript Typings 1 536 78 98 360 69\n(ULOC) 372\n───────────────────────────────────────────────────────────────────────────────\nTotal 430 190501 25269 16130 149102 17469\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 47535\nDRYness % 0.25\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $5,173,124\nEstimated Schedule Effort (organic) 25.68 months\nEstimated People Required (organic) 17.89\n───────────────────────────────────────────────────────────────────────────────\nProcessed 7788055 bytes, 7.788 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:02Z", + "date": "2025-01-19T14:33:33Z", "repo": { "name": "github.com/measureauthoringtool/cql_qdm_patientapi", "commit": "5cd5d0d10d7cc6d6f068d177652814891fff50bd" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.5, "checks": [ @@ -288,7 +288,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -298,7 +298,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -308,7 +308,7 @@ "reason": "0 out of 16 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -318,7 +318,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -328,7 +328,7 @@ "reason": "Found 11/14 approved changesets -- score normalized to 7", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -338,7 +338,7 @@ "reason": "project has 4 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -348,7 +348,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -358,7 +358,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -368,7 +368,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -378,7 +378,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -388,7 +388,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -398,7 +398,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -408,7 +408,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -418,7 +418,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -428,7 +428,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -438,7 +438,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -448,7 +448,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -458,7 +458,7 @@ "reason": "80 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/cqltoelm/cqltoelm_data.json b/app/site/_data/measureauthoringtool/cqltoelm/cqltoelm_data.json index 1053a8ca64..a37b4bb5bf 100644 --- a/app/site/_data/measureauthoringtool/cqltoelm/cqltoelm_data.json +++ b/app/site/_data/measureauthoringtool/cqltoelm/cqltoelm_data.json @@ -94,16 +94,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 16 3199 644 446 2109 178\n(ULOC) 1393\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nXML 1 114 3 0 111 0\n(ULOC) 77\n───────────────────────────────────────────────────────────────────────────────\nTotal 18 3434 659 446 2329 178\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1577\nDRYness % 0.46\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $65,633\nEstimated Schedule Effort (organic) 4.89 months\nEstimated People Required (organic) 1.19\n───────────────────────────────────────────────────────────────────────────────\nProcessed 120512 bytes, 0.121 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:43Z", + "date": "2025-01-19T14:34:17Z", "repo": { "name": "github.com/measureauthoringtool/cqltoelm", "commit": "b32cfd59a61ea3442fb6205cbc1b58c8ffa82366" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 2, + "score": 2.0, "checks": [ { "details": null, @@ -111,7 +111,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -121,7 +121,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -131,7 +131,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -141,7 +141,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -151,7 +151,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -161,7 +161,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -171,7 +171,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -181,7 +181,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -191,7 +191,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -201,7 +201,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -211,7 +211,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -221,7 +221,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -231,7 +231,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -241,7 +241,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -251,7 +251,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -261,7 +261,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -271,7 +271,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -281,7 +281,7 @@ "reason": "54 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/dynamicmoduleloading/dynamicmoduleloading_data.json b/app/site/_data/measureauthoringtool/dynamicmoduleloading/dynamicmoduleloading_data.json index 3a127805d9..33db877fb4 100644 --- a/app/site/_data/measureauthoringtool/dynamicmoduleloading/dynamicmoduleloading_data.json +++ b/app/site/_data/measureauthoringtool/dynamicmoduleloading/dynamicmoduleloading_data.json @@ -211,14 +211,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 5 167 23 1 143 0\n(ULOC) 131\n-------------------------------------------------------------------------------\nJSON 3 56 0 0 56 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nCSS 2 111 12 0 99 0\n(ULOC) 78\n-------------------------------------------------------------------------------\nSVG 2 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nHTML 1 13 0 0 13 0\n(ULOC) 14\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nTypeScript Typings 1 1 0 1 0 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 352 35 2 315 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 269\nDRYness % 0.76\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,031\nEstimated Schedule Effort (organic) 2.20 months\nEstimated People Required (organic) 0.32\n───────────────────────────────────────────────────────────────────────────────\nProcessed 13296 bytes, 0.013 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:33Z", + "date": "2025-01-19T14:43:33Z", "repo": { "name": "github.com/measureauthoringtool/dynamicmoduleloading", "commit": "df94f71fb938bfb6b5c8f56b7927d0d7ac5688fb" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 1.1, "checks": [ @@ -228,7 +228,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -238,7 +238,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -248,7 +248,7 @@ "reason": "no pull request found", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -258,7 +258,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -268,7 +268,7 @@ "reason": "Found 0/1 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -278,7 +278,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -288,7 +288,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -298,7 +298,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -308,7 +308,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -318,7 +318,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -328,7 +328,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -338,7 +338,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -348,7 +348,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -358,7 +358,7 @@ "reason": "no SAST tool detected", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -368,7 +368,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -378,7 +378,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -388,7 +388,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -398,7 +398,7 @@ "reason": "11 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/excel-export/excel-export_data.json b/app/site/_data/measureauthoringtool/excel-export/excel-export_data.json index 4c29a8ada3..bdf3fbb6be 100644 --- a/app/site/_data/measureauthoringtool/excel-export/excel-export_data.json +++ b/app/site/_data/measureauthoringtool/excel-export/excel-export_data.json @@ -369,16 +369,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 15 1316 115 30 1171 42\n(ULOC) 817\n-------------------------------------------------------------------------------\nJSON 5 134 0 0 134 0\n(ULOC) 118\n-------------------------------------------------------------------------------\nYAML 3 145 21 9 115 0\n(ULOC) 102\n-------------------------------------------------------------------------------\nMarkdown 2 94 26 0 68 0\n(ULOC) 64\n-------------------------------------------------------------------------------\nDocker ignore 1 5 0 0 5 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nDockerfile 1 20 6 7 7 0\n(ULOC) 15\n-------------------------------------------------------------------------------\nJavaScript 1 25 0 0 25 0\n(ULOC) 24\n───────────────────────────────────────────────────────────────────────────────\nTotal 28 1739 168 46 1525 42\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1133\nDRYness % 0.65\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $42,075\nEstimated Schedule Effort (organic) 4.13 months\nEstimated People Required (organic) 0.91\n───────────────────────────────────────────────────────────────────────────────\nProcessed 55212 bytes, 0.055 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:42:15Z", + "date": "2025-01-19T14:44:13Z", "repo": { "name": "github.com/measureauthoringtool/excel-export", "commit": "5648016fe5c4d05819c2ec622cf2b243603bcd09" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 4.7, + "score": 4.6, "checks": [ { "details": null, @@ -386,7 +386,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -396,7 +396,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -406,7 +406,7 @@ "reason": "10 out of 10 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -416,7 +416,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -426,7 +426,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -436,7 +436,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -446,7 +446,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -456,7 +456,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -466,7 +466,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -476,7 +476,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -486,7 +486,7 @@ "reason": "7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -496,7 +496,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -506,7 +506,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 1", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -516,7 +516,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -526,7 +526,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -536,7 +536,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -546,17 +546,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", + "score": 9, + "reason": "1 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/execution-lambda/execution-lambda_data.json b/app/site/_data/measureauthoringtool/execution-lambda/execution-lambda_data.json index ca97153b10..38eac1652e 100644 --- a/app/site/_data/measureauthoringtool/execution-lambda/execution-lambda_data.json +++ b/app/site/_data/measureauthoringtool/execution-lambda/execution-lambda_data.json @@ -250,14 +250,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 6 994 95 68 831 210\n(ULOC) 713\n-------------------------------------------------------------------------------\nJSON 2 53 0 0 53 0\n(ULOC) 51\n-------------------------------------------------------------------------------\nJavaScript 2 22 0 2 20 0\n(ULOC) 20\n-------------------------------------------------------------------------------\nCloudFormation (YAM… 1 62 4 4 54 4\n(ULOC) 56\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 136 45 0 91 0\n(ULOC) 79\n-------------------------------------------------------------------------------\nTOML 1 31 8 2 21 0\n(ULOC) 22\n───────────────────────────────────────────────────────────────────────────────\nTotal 14 1419 164 76 1179 214\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1040\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $32,113\nEstimated Schedule Effort (organic) 3.72 months\nEstimated People Required (organic) 0.77\n───────────────────────────────────────────────────────────────────────────────\nProcessed 55921 bytes, 0.056 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:52Z", + "date": "2025-01-19T14:43:53Z", "repo": { "name": "github.com/measureauthoringtool/execution-lambda", "commit": "f9e766f5cad749db25c05d489f813fbfd1974cb1" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.7, "checks": [ @@ -267,7 +267,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -277,7 +277,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -287,7 +287,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -297,7 +297,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -307,7 +307,7 @@ "reason": "Found 2/3 approved changesets -- score normalized to 6", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -317,7 +317,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -327,7 +327,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -337,7 +337,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -347,7 +347,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -357,7 +357,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -367,7 +367,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -377,7 +377,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -387,7 +387,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -397,7 +397,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -407,7 +407,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -417,7 +417,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -427,17 +427,17 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "13 existing vulnerabilities detected", + "reason": "14 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/fhir-mongoid-models/fhir-mongoid-models_data.json b/app/site/_data/measureauthoringtool/fhir-mongoid-models/fhir-mongoid-models_data.json index 3a24d561a0..62ab52284a 100644 --- a/app/site/_data/measureauthoringtool/fhir-mongoid-models/fhir-mongoid-models_data.json +++ b/app/site/_data/measureauthoringtool/fhir-mongoid-models/fhir-mongoid-models_data.json @@ -194,14 +194,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nRuby 952 57911 3736 999 53176 1878\n(ULOC) 15517\n-------------------------------------------------------------------------------\nJSON 8 5725 0 0 5725 0\n(ULOC) 2021\n-------------------------------------------------------------------------------\nYAML 3 105 16 1 88 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nBASH 1 8 2 2 4 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nGemfile 1 6 2 1 3 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 23 8 0 15 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nRakefile 1 6 2 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nXML 1 12217 0 0 12217 0\n(ULOC) 3817\n───────────────────────────────────────────────────────────────────────────────\nTotal 969 76122 3778 1003 71341 1878\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 21560\nDRYness % 0.28\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,385,621\nEstimated Schedule Effort (organic) 19.14 months\nEstimated People Required (organic) 11.07\n───────────────────────────────────────────────────────────────────────────────\nProcessed 4404080 bytes, 4.404 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:34:45Z", + "date": "2025-01-19T14:36:25Z", "repo": { "name": "github.com/measureauthoringtool/fhir-mongoid-models", "commit": "e0f8f341cd9d37332ef507f609ca8dbe3b4b41e8" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.1, "checks": [ @@ -211,7 +211,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -221,7 +221,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -231,7 +231,7 @@ "reason": "0 out of 17 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -241,7 +241,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -251,7 +251,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -261,7 +261,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -271,7 +271,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -281,7 +281,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -291,7 +291,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -301,7 +301,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -311,7 +311,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -321,7 +321,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -331,7 +331,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -341,7 +341,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -351,7 +351,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -361,7 +361,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -371,7 +371,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -381,7 +381,7 @@ "reason": "3 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/fhir-mongoose-models/fhir-mongoose-models_data.json b/app/site/_data/measureauthoringtool/fhir-mongoose-models/fhir-mongoose-models_data.json index ebf0e80c7d..fc67096b65 100644 --- a/app/site/_data/measureauthoringtool/fhir-mongoose-models/fhir-mongoose-models_data.json +++ b/app/site/_data/measureauthoringtool/fhir-mongoose-models/fhir-mongoose-models_data.json @@ -236,14 +236,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 945 152240 18642 23672 109926 12504\n(ULOC) 32635\n-------------------------------------------------------------------------------\nJSON 8 102 1 0 101 0\n(ULOC) 90\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 4 0 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nXML 1 12217 0 0 12217 0\n(ULOC) 3817\n-------------------------------------------------------------------------------\nYAML 1 83 14 14 55 0\n(ULOC) 62\n───────────────────────────────────────────────────────────────────────────────\nTotal 957 164767 18669 23686 122412 12504\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 36708\nDRYness % 0.22\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,205,431\nEstimated Schedule Effort (organic) 23.74 months\nEstimated People Required (organic) 15.74\n───────────────────────────────────────────────────────────────────────────────\nProcessed 10839071 bytes, 10.839 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:35:03Z", + "date": "2025-01-19T14:36:46Z", "repo": { "name": "github.com/measureauthoringtool/fhir-mongoose-models", "commit": "37c5655cca2c240e2584163c882710386209d423" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.8, "checks": [ @@ -253,7 +253,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -263,7 +263,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -273,7 +273,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -283,7 +283,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -293,7 +293,7 @@ "reason": "Found 1/5 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -303,7 +303,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -313,7 +313,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -323,7 +323,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -333,7 +333,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -343,7 +343,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -353,7 +353,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -363,7 +363,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -373,7 +373,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -383,7 +383,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -393,7 +393,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -403,7 +403,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -413,17 +413,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "46 existing vulnerabilities detected", + "reason": "47 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/fhir-typescript-models/fhir-typescript-models_data.json b/app/site/_data/measureauthoringtool/fhir-typescript-models/fhir-typescript-models_data.json index 529bdc0ec4..2b719f3293 100644 --- a/app/site/_data/measureauthoringtool/fhir-typescript-models/fhir-typescript-models_data.json +++ b/app/site/_data/measureauthoringtool/fhir-typescript-models/fhir-typescript-models_data.json @@ -266,14 +266,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 1909 134499 26435 3866 104198 22739\n(ULOC) 36236\n-------------------------------------------------------------------------------\nJSON 5 5679 0 0 5679 0\n(ULOC) 2004\n-------------------------------------------------------------------------------\nYAML 3 169 27 9 133 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nJavaScript 2 73 0 1 72 0\n(ULOC) 61\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nXML 1 12217 0 0 12217 0\n(ULOC) 3817\n───────────────────────────────────────────────────────────────────────────────\nTotal 1922 152760 26474 3876 122410 22739\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 42298\nDRYness % 0.28\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,205,358\nEstimated Schedule Effort (organic) 23.74 months\nEstimated People Required (organic) 15.74\n───────────────────────────────────────────────────────────────────────────────\nProcessed 5800852 bytes, 5.801 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:34:53Z", + "date": "2025-01-19T14:36:34Z", "repo": { "name": "github.com/measureauthoringtool/fhir-typescript-models", "commit": "e32cd39a0d450c89a6c52702d3267133d44fa399" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.6, "checks": [ @@ -283,7 +283,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -293,7 +293,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -303,7 +303,7 @@ "reason": "0 out of 22 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -313,7 +313,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -323,7 +323,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -333,7 +333,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -343,7 +343,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -353,7 +353,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -363,7 +363,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -373,7 +373,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -383,7 +383,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -393,7 +393,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -403,7 +403,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -413,7 +413,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -423,7 +423,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -433,7 +433,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -443,7 +443,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -453,7 +453,7 @@ "reason": "15 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/hapi-fhir-jpaserver-starter/hapi-fhir-jpaserver-starter_data.json b/app/site/_data/measureauthoringtool/hapi-fhir-jpaserver-starter/hapi-fhir-jpaserver-starter_data.json index 9384d85a6a..4c23adfbff 100644 --- a/app/site/_data/measureauthoringtool/hapi-fhir-jpaserver-starter/hapi-fhir-jpaserver-starter_data.json +++ b/app/site/_data/measureauthoringtool/hapi-fhir-jpaserver-starter/hapi-fhir-jpaserver-starter_data.json @@ -338,16 +338,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 78 6374 1089 299 4986 245\n(ULOC) 3305\n-------------------------------------------------------------------------------\nYAML 27 1997 119 701 1177 0\n(ULOC) 1142\n-------------------------------------------------------------------------------\nJSON 25 188142 1 0 188141 0\n(ULOC) 16709\n-------------------------------------------------------------------------------\nHTML 7 232 23 1 208 0\n(ULOC) 152\n-------------------------------------------------------------------------------\nXML Schema 5 4942 911 0 4031 0\n(ULOC) 1805\n-------------------------------------------------------------------------------\nMarkdown 3 787 194 0 593 0\n(ULOC) 420\n-------------------------------------------------------------------------------\nXML 3 799 56 179 564 0\n(ULOC) 464\n-------------------------------------------------------------------------------\nBatch 2 2 0 0 2 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nDocker ignore 1 12 0 0 12 0\n(ULOC) 12\n-------------------------------------------------------------------------------\nDockerfile 1 60 15 9 36 9\n(ULOC) 46\n-------------------------------------------------------------------------------\nJavaScript 1 1 0 0 1 4\n(ULOC) 1\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nPlain Text 1 22 0 0 22 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nProperties File 1 209 8 105 96 0\n(ULOC) 165\n-------------------------------------------------------------------------------\nShell 1 4 2 1 1 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nSmarty Template 1 152 13 0 139 24\n(ULOC) 78\n───────────────────────────────────────────────────────────────────────────────\nTotal 158 203936 2463 1295 200178 282\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 24417\nDRYness % 0.12\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $7,048,269\nEstimated Schedule Effort (organic) 28.89 months\nEstimated People Required (organic) 21.68\n───────────────────────────────────────────────────────────────────────────────\nProcessed 47985424 bytes, 47.985 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:39:14Z", + "date": "2025-01-19T14:41:15Z", "repo": { "name": "github.com/measureauthoringtool/hapi-fhir-jpaserver-starter", "commit": "0b00729c756cbb17affe4f2fc12346128a296bc8" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 4.1, + "score": 4.0, "checks": [ { "details": null, @@ -355,7 +355,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -365,7 +365,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -375,7 +375,7 @@ "reason": "2 out of 2 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -385,7 +385,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -395,7 +395,7 @@ "reason": "Found 2/23 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -405,7 +405,7 @@ "reason": "project has 12 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -415,7 +415,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -425,7 +425,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -435,7 +435,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -445,17 +445,17 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, - "score": 10, - "reason": "13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "score": 9, + "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -465,7 +465,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -475,7 +475,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -485,7 +485,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -495,7 +495,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -505,7 +505,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -515,7 +515,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -525,7 +525,7 @@ "reason": "18 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/health-data-standards/health-data-standards_data.json b/app/site/_data/measureauthoringtool/health-data-standards/health-data-standards_data.json index 47efd355ab..476f9940b1 100644 --- a/app/site/_data/measureauthoringtool/health-data-standards/health-data-standards_data.json +++ b/app/site/_data/measureauthoringtool/health-data-standards/health-data-standards_data.json @@ -245,14 +245,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nXML 407 596048 6580 9724 579744 0\n(ULOC) 72620\n-------------------------------------------------------------------------------\nRuby 318 20238 2849 1583 15806 1426\n(ULOC) 11510\n-------------------------------------------------------------------------------\nRuby HTML 295 10308 309 891 9108 810\n(ULOC) 3117\n-------------------------------------------------------------------------------\nJSON 85 51325 178 0 51147 0\n(ULOC) 6275\n-------------------------------------------------------------------------------\nXML Schema 31 44765 79 0 44686 0\n(ULOC) 7953\n-------------------------------------------------------------------------------\nMarkdown 16 3421 515 0 2906 0\n(ULOC) 1519\n-------------------------------------------------------------------------------\nExtensible Styleshe… 15 11217 1471 0 9746 0\n(ULOC) 4597\n-------------------------------------------------------------------------------\nPlain Text 8 890 184 0 706 0\n(ULOC) 681\n-------------------------------------------------------------------------------\nYAML 5 123 24 4 95 0\n(ULOC) 73\n-------------------------------------------------------------------------------\nHTML 3 2113 86 0 2027 0\n(ULOC) 843\n-------------------------------------------------------------------------------\nGemfile 1 23 6 0 17 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nRakefile 1 18 6 0 12 0\n(ULOC) 12\n───────────────────────────────────────────────────────────────────────────────\nTotal 1185 740489 12287 12202 716000 2236\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 108428\nDRYness % 0.15\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $26,869,154\nEstimated Schedule Effort (organic) 48.03 months\nEstimated People Required (organic) 49.70\n───────────────────────────────────────────────────────────────────────────────\nProcessed 48763461 bytes, 48.763 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:00Z", + "date": "2025-01-19T14:32:27Z", "repo": { "name": "github.com/measureauthoringtool/health-data-standards", "commit": "3bdd4093da47645f91aa7e3b80494de78cc9223a" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.8, "checks": [ @@ -262,7 +262,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -272,7 +272,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -282,7 +282,7 @@ "reason": "0 out of 18 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -292,7 +292,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -302,7 +302,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -312,7 +312,7 @@ "reason": "project has 21 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -322,7 +322,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -332,7 +332,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -342,7 +342,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -352,7 +352,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -362,7 +362,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -372,7 +372,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -382,7 +382,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -392,7 +392,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -402,7 +402,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -412,7 +412,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -422,7 +422,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -432,7 +432,7 @@ "reason": "46 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-auth/madie-auth_data.json b/app/site/_data/measureauthoringtool/madie-auth/madie-auth_data.json index a81cd99366..ce9cd75a69 100644 --- a/app/site/_data/measureauthoringtool/madie-auth/madie-auth_data.json +++ b/app/site/_data/measureauthoringtool/madie-auth/madie-auth_data.json @@ -514,14 +514,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 6 239 17 1 221 10\n(ULOC) 179\n-------------------------------------------------------------------------------\nJSON 5 160 0 0 160 0\n(ULOC) 137\n-------------------------------------------------------------------------------\nJavaScript 4 122 3 2 117 0\n(ULOC) 92\n-------------------------------------------------------------------------------\nYAML 3 186 29 8 149 0\n(ULOC) 102\n-------------------------------------------------------------------------------\nMarkdown 2 30 8 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nTypeScript Typings 2 68 8 22 38 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nSass 1 24 2 0 22 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 25 954 80 34 840 11\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 679\nDRYness % 0.71\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $22,495\nEstimated Schedule Effort (organic) 3.25 months\nEstimated People Required (organic) 0.61\n───────────────────────────────────────────────────────────────────────────────\nProcessed 31263 bytes, 0.031 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:36:57Z", + "date": "2025-01-19T14:38:47Z", "repo": { "name": "github.com/measureauthoringtool/madie-auth", "commit": "39125bc8ac00de4b3aee849f62f998a0dec33835" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.6, "checks": [ @@ -531,7 +531,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -541,7 +541,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -551,7 +551,7 @@ "reason": "3 out of 7 merged PRs checked by a CI test -- score normalized to 4", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -561,7 +561,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -571,7 +571,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -581,7 +581,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -591,7 +591,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -601,7 +601,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -611,7 +611,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -621,7 +621,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -631,7 +631,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -641,7 +641,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -651,7 +651,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -661,7 +661,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -671,7 +671,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -681,7 +681,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -691,7 +691,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -701,7 +701,7 @@ "reason": "13 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-components/madie-components_data.json b/app/site/_data/measureauthoringtool/madie-components/madie-components_data.json index 7a3223533a..43c87893ad 100644 --- a/app/site/_data/measureauthoringtool/madie-components/madie-components_data.json +++ b/app/site/_data/measureauthoringtool/madie-components/madie-components_data.json @@ -484,14 +484,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 55 3508 358 55 3095 125\n(ULOC) 1918\n-------------------------------------------------------------------------------\nJavaScript 4 185 4 2 179 0\n(ULOC) 157\n-------------------------------------------------------------------------------\nJSON 3 163 0 0 163 0\n(ULOC) 146\n-------------------------------------------------------------------------------\nYAML 3 191 30 8 153 0\n(ULOC) 104\n-------------------------------------------------------------------------------\nMarkdown 2 32 9 0 23 0\n(ULOC) 24\n-------------------------------------------------------------------------------\nTypeScript Typings 2 73 9 22 42 0\n(ULOC) 37\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 71 4277 423 88 3766 126\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2481\nDRYness % 0.58\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $108,710\nEstimated Schedule Effort (organic) 5.92 months\nEstimated People Required (organic) 1.63\n───────────────────────────────────────────────────────────────────────────────\nProcessed 127226 bytes, 0.127 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:37:10Z", + "date": "2025-01-19T14:39:02Z", "repo": { "name": "github.com/measureauthoringtool/madie-components", "commit": "99b01af74693ea515cb0acb84316517a2355f716" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.6, "checks": [ @@ -501,7 +501,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -511,7 +511,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -521,7 +521,7 @@ "reason": "0 out of 19 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -531,7 +531,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -541,7 +541,7 @@ "reason": "Found 12/13 approved changesets -- score normalized to 9", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -551,7 +551,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -561,7 +561,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -571,7 +571,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -581,7 +581,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -591,7 +591,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -601,7 +601,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -611,7 +611,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -621,7 +621,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -631,7 +631,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -641,7 +641,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -651,7 +651,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -661,7 +661,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -671,7 +671,7 @@ "reason": "56 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-cql-library/madie-cql-library_data.json b/app/site/_data/measureauthoringtool/madie-cql-library/madie-cql-library_data.json index 12ca43f1af..9932318fb9 100644 --- a/app/site/_data/measureauthoringtool/madie-cql-library/madie-cql-library_data.json +++ b/app/site/_data/measureauthoringtool/madie-cql-library/madie-cql-library_data.json @@ -586,14 +586,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 38 6803 473 53 6277 213\n(ULOC) 3010\n-------------------------------------------------------------------------------\nJSON 5 173 0 0 173 0\n(ULOC) 150\n-------------------------------------------------------------------------------\nJavaScript 5 250 7 4 239 2\n(ULOC) 204\n-------------------------------------------------------------------------------\nTypeScript Typings 5 360 45 23 292 2\n(ULOC) 238\n-------------------------------------------------------------------------------\nYAML 3 187 31 8 148 0\n(ULOC) 107\n-------------------------------------------------------------------------------\nMarkdown 2 30 8 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nSass 2 197 24 0 173 0\n(ULOC) 127\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n-------------------------------------------------------------------------------\nTOML 1 3 0 0 3 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 63 8128 601 89 7438 218\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3931\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $222,138\nEstimated Schedule Effort (organic) 7.76 months\nEstimated People Required (organic) 2.54\n───────────────────────────────────────────────────────────────────────────────\nProcessed 246790 bytes, 0.247 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:40:04Z", + "date": "2025-01-19T14:42:04Z", "repo": { "name": "github.com/measureauthoringtool/madie-cql-library", "commit": "a2b3d0e1506148fd9f15455a6de76da1be506d4e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.6, "checks": [ @@ -603,7 +603,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -613,7 +613,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -623,7 +623,7 @@ "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -633,7 +633,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -643,7 +643,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -653,7 +653,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -663,7 +663,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -673,7 +673,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -683,7 +683,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -693,7 +693,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -703,7 +703,7 @@ "reason": "29 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -713,7 +713,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -723,7 +723,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -733,7 +733,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -743,7 +743,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -753,7 +753,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -763,7 +763,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -773,7 +773,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-cypress/madie-cypress_data.json b/app/site/_data/measureauthoringtool/madie-cypress/madie-cypress_data.json index eceb597e6b..339657a52d 100644 --- a/app/site/_data/measureauthoringtool/madie-cypress/madie-cypress_data.json +++ b/app/site/_data/measureauthoringtool/madie-cypress/madie-cypress_data.json @@ -372,14 +372,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 224 76870 13066 6108 57696 2386\n(ULOC) 16863\n-------------------------------------------------------------------------------\nPlain Text 47 1333 257 0 1076 0\n(ULOC) 465\n-------------------------------------------------------------------------------\nXML 41 1626 41 7 1578 0\n(ULOC) 932\n-------------------------------------------------------------------------------\nJSON 28 7217 7 0 7210 0\n(ULOC) 901\n-------------------------------------------------------------------------------\nHTML 11 1409 289 17 1103 0\n(ULOC) 413\n-------------------------------------------------------------------------------\nYAML 2 67 3 0 64 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nDockerfile 1 33 7 5 21 8\n(ULOC) 26\n-------------------------------------------------------------------------------\nJavaScript 1 71 8 12 51 0\n(ULOC) 53\n───────────────────────────────────────────────────────────────────────────────\nTotal 355 88626 13678 6149 68799 2394\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 19623\nDRYness % 0.22\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,296,447\nEstimated Schedule Effort (organic) 18.86 months\nEstimated People Required (organic) 10.82\n───────────────────────────────────────────────────────────────────────────────\nProcessed 5865861 bytes, 5.866 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:38:03Z", + "date": "2025-01-19T14:39:59Z", "repo": { "name": "github.com/measureauthoringtool/madie-cypress", - "commit": "84990bc91634a1754b26ffffe02de8d5eb8aebe0" + "commit": "111d34c1450b000f89cb66c278585d4894e31df2" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.4, "checks": [ @@ -389,7 +389,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -399,17 +399,17 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, - "score": 9, - "reason": "15 out of 16 merged PRs checked by a CI test -- score normalized to 9", + "score": 10, + "reason": "18 out of 18 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -419,7 +419,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -429,7 +429,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -439,7 +439,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -449,7 +449,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -459,7 +459,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -469,7 +469,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -479,7 +479,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -489,7 +489,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -499,7 +499,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -509,7 +509,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -519,7 +519,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -529,7 +529,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -539,7 +539,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -549,7 +549,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -559,7 +559,7 @@ "reason": "3 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-design-system/madie-design-system_data.json b/app/site/_data/measureauthoringtool/madie-design-system/madie-design-system_data.json index 5d0695c03e..606ad4692c 100644 --- a/app/site/_data/measureauthoringtool/madie-design-system/madie-design-system_data.json +++ b/app/site/_data/measureauthoringtool/madie-design-system/madie-design-system_data.json @@ -666,14 +666,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nSass 140 13708 1936 1156 10616 40\n(ULOC) 6002\n-------------------------------------------------------------------------------\nJavaScript 96 8218 504 112 7602 101\n(ULOC) 3543\n-------------------------------------------------------------------------------\nJSX 42 4827 222 89 4516 127\n(ULOC) 2610\n-------------------------------------------------------------------------------\nSVG 20 2899 0 3 2896 0\n(ULOC) 2734\n-------------------------------------------------------------------------------\nMarkdown 6 191 59 0 132 0\n(ULOC) 119\n-------------------------------------------------------------------------------\nYAML 5 206 29 8 169 0\n(ULOC) 142\n-------------------------------------------------------------------------------\nJSON 2 165 0 0 165 0\n(ULOC) 156\n-------------------------------------------------------------------------------\nHTML 1 9 0 4 5 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nLicense 1 116 20 0 96 0\n(ULOC) 97\n-------------------------------------------------------------------------------\nPlain Text 1 92 17 0 75 0\n(ULOC) 76\n-------------------------------------------------------------------------------\nXML 1 9 0 0 9 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 315 30440 2787 1372 26281 268\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 15236\nDRYness % 0.50\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $836,025\nEstimated Schedule Effort (organic) 12.85 months\nEstimated People Required (organic) 5.78\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1361442 bytes, 1.361 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:39:26Z", + "date": "2025-01-19T14:41:27Z", "repo": { "name": "github.com/measureauthoringtool/madie-design-system", - "commit": "31a191b797922749cc9b9c1368e7509446a08c9b" + "commit": "6ab6fe5f2cfb5d47855f970b891bcbf0df11f6bf" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 6.9, "checks": [ @@ -683,7 +683,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -693,7 +693,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -703,7 +703,7 @@ "reason": "8 out of 8 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -713,7 +713,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -723,7 +723,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -733,7 +733,7 @@ "reason": "project has 4 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -743,7 +743,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -753,7 +753,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -763,7 +763,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -773,7 +773,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -783,7 +783,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -793,7 +793,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -803,7 +803,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -813,7 +813,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -823,7 +823,7 @@ "reason": "security policy file detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -833,7 +833,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -843,7 +843,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -853,7 +853,7 @@ "reason": "1 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-editor/madie-editor_data.json b/app/site/_data/measureauthoringtool/madie-editor/madie-editor_data.json index 5c390d7330..4d58c4bafa 100644 --- a/app/site/_data/measureauthoringtool/madie-editor/madie-editor_data.json +++ b/app/site/_data/measureauthoringtool/madie-editor/madie-editor_data.json @@ -623,14 +623,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 117 19412 1423 277 17712 767\n(ULOC) 8122\n-------------------------------------------------------------------------------\nSass 13 688 50 10 628 0\n(ULOC) 349\n-------------------------------------------------------------------------------\nJSON 6 684 0 0 684 0\n(ULOC) 393\n-------------------------------------------------------------------------------\nJavaScript 5 254 10 4 240 2\n(ULOC) 208\n-------------------------------------------------------------------------------\nTypeScript Typings 3 105 14 22 69 0\n(ULOC) 65\n-------------------------------------------------------------------------------\nYAML 3 187 29 8 150 0\n(ULOC) 103\n-------------------------------------------------------------------------------\nMarkdown 2 61 17 0 44 0\n(ULOC) 45\n-------------------------------------------------------------------------------\nCSS 1 24 4 0 20 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 152 21540 1560 322 19658 770\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 9359\nDRYness % 0.43\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $616,327\nEstimated Schedule Effort (organic) 11.44 months\nEstimated People Required (organic) 4.79\n───────────────────────────────────────────────────────────────────────────────\nProcessed 687084 bytes, 0.687 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:36:40Z", + "date": "2025-01-19T14:38:33Z", "repo": { "name": "github.com/measureauthoringtool/madie-editor", - "commit": "862eb19fb902e939becb2e58989381fec1c7339d" + "commit": "81711855479935adea3353cfa78d172915558d78" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 6.7, "checks": [ @@ -640,7 +640,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -650,7 +650,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -660,7 +660,7 @@ "reason": "8 out of 8 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -670,7 +670,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -680,7 +680,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -690,7 +690,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -700,7 +700,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -710,7 +710,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -720,7 +720,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -730,7 +730,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -740,7 +740,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -750,7 +750,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -760,7 +760,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -770,7 +770,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -780,7 +780,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -790,7 +790,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -800,7 +800,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -810,7 +810,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-fhir-elm-translator/madie-fhir-elm-translator_data.json b/app/site/_data/measureauthoringtool/madie-fhir-elm-translator/madie-fhir-elm-translator_data.json index 458cfc1385..8bed6449cb 100644 --- a/app/site/_data/measureauthoringtool/madie-fhir-elm-translator/madie-fhir-elm-translator_data.json +++ b/app/site/_data/measureauthoringtool/madie-fhir-elm-translator/madie-fhir-elm-translator_data.json @@ -205,14 +205,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 46 4317 616 146 3555 176\n(ULOC) 2223\n-------------------------------------------------------------------------------\nJSON 8 84933 0 0 84933 0\n(ULOC) 9971\n-------------------------------------------------------------------------------\nYAML 7 174 26 3 145 0\n(ULOC) 122\n-------------------------------------------------------------------------------\nXML 5 943 62 27 854 0\n(ULOC) 545\n-------------------------------------------------------------------------------\nMarkdown 2 51 13 0 38 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nDockerfile 1 13 4 3 6 1\n(ULOC) 10\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 70 90552 733 179 89640 177\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 12996\nDRYness % 0.14\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,031,951\nEstimated Schedule Effort (organic) 20.96 months\nEstimated People Required (organic) 12.85\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3399036 bytes, 3.399 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:42:34Z", + "date": "2025-01-19T14:44:32Z", "repo": { "name": "github.com/measureauthoringtool/madie-fhir-elm-translator", - "commit": "35010a770c3bccae9face5c1056646993ac6408d" + "commit": "54861cdd0d7534d147cef26b54071cc7960d818e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.5, "checks": [ @@ -222,7 +222,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -232,7 +232,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -242,7 +242,7 @@ "reason": "13 out of 13 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -252,7 +252,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -262,7 +262,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -272,7 +272,7 @@ "reason": "project has 4 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -282,7 +282,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -292,7 +292,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -302,7 +302,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -312,7 +312,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -322,7 +322,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -332,7 +332,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -342,7 +342,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -352,7 +352,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -362,7 +362,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -372,7 +372,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -382,7 +382,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -392,7 +392,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-fhir-service/madie-fhir-service_data.json b/app/site/_data/measureauthoringtool/madie-fhir-service/madie-fhir-service_data.json index a8f2627210..fa5698a1d2 100644 --- a/app/site/_data/measureauthoringtool/madie-fhir-service/madie-fhir-service_data.json +++ b/app/site/_data/measureauthoringtool/madie-fhir-service/madie-fhir-service_data.json @@ -280,14 +280,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 90 10732 1205 427 9100 335\n(ULOC) 4994\n-------------------------------------------------------------------------------\nHTML 29 457 1 0 456 0\n(ULOC) 307\n-------------------------------------------------------------------------------\nJSON 10 1295 6 0 1289 0\n(ULOC) 633\n-------------------------------------------------------------------------------\nXML 4 431 44 24 363 0\n(ULOC) 302\n-------------------------------------------------------------------------------\nYAML 3 97 13 5 79 0\n(ULOC) 81\n-------------------------------------------------------------------------------\nMarkdown 2 51 13 0 38 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nBatch 1 188 35 0 153 27\n(ULOC) 134\n-------------------------------------------------------------------------------\nDockerfile 1 20 5 6 9 1\n(ULOC) 16\n-------------------------------------------------------------------------------\nProperties File 1 2 0 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nShell 1 316 27 54 235 35\n(ULOC) 216\n───────────────────────────────────────────────────────────────────────────────\nTotal 142 13589 1349 516 11724 398\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 6696\nDRYness % 0.49\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $358,199\nEstimated Schedule Effort (organic) 9.31 months\nEstimated People Required (organic) 3.42\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3886991 bytes, 3.887 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:40:30Z", + "date": "2025-01-19T14:42:27Z", "repo": { "name": "github.com/measureauthoringtool/madie-fhir-service", - "commit": "9f86f7eb3469258bd83746cb30838ff4022c7027" + "commit": "db7b72af7a3a0bbdb0229c2ee8ce9a3821a68534" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.4, "checks": [ @@ -297,7 +297,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -307,7 +307,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -317,7 +317,7 @@ "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -327,7 +327,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -337,7 +337,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -347,7 +347,7 @@ "reason": "project has 4 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -357,7 +357,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -367,7 +367,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -377,7 +377,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -387,7 +387,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -397,7 +397,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -407,7 +407,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -417,7 +417,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -427,7 +427,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -437,7 +437,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -447,7 +447,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -457,7 +457,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -467,7 +467,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-frontend-template/madie-frontend-template_data.json b/app/site/_data/measureauthoringtool/madie-frontend-template/madie-frontend-template_data.json index 54f62438ef..078fc4d8f9 100644 --- a/app/site/_data/measureauthoringtool/madie-frontend-template/madie-frontend-template_data.json +++ b/app/site/_data/measureauthoringtool/madie-frontend-template/madie-frontend-template_data.json @@ -440,14 +440,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 5 150 0 0 150 0\n(ULOC) 128\n-------------------------------------------------------------------------------\nJavaScript 4 104 4 3 97 0\n(ULOC) 78\n-------------------------------------------------------------------------------\nTypeScript 4 53 7 1 45 0\n(ULOC) 43\n-------------------------------------------------------------------------------\nYAML 3 187 31 8 148 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nMarkdown 2 5 1 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nTypeScript Typings 2 68 8 22 38 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 22 692 64 35 593 1\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 499\nDRYness % 0.72\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $15,606\nEstimated Schedule Effort (organic) 2.83 months\nEstimated People Required (organic) 0.49\n───────────────────────────────────────────────────────────────────────────────\nProcessed 22121 bytes, 0.022 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:37:29Z", + "date": "2025-01-19T14:39:23Z", "repo": { "name": "github.com/measureauthoringtool/madie-frontend-template", "commit": "222983b50aa63d2322cc95a673755542ad59b15c" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.7, "checks": [ @@ -457,7 +457,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -467,7 +467,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -477,7 +477,7 @@ "reason": "3 out of 4 merged PRs checked by a CI test -- score normalized to 7", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -487,7 +487,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -497,7 +497,7 @@ "reason": "Found 3/5 approved changesets -- score normalized to 6", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -507,7 +507,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -517,7 +517,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -527,7 +527,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -537,7 +537,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -547,7 +547,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -557,7 +557,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -567,7 +567,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -577,7 +577,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -587,7 +587,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -597,7 +597,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -607,7 +607,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -617,7 +617,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -627,7 +627,7 @@ "reason": "13 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-java-models/madie-java-models_data.json b/app/site/_data/measureauthoringtool/madie-java-models/madie-java-models_data.json index 41cdae515e..2fa9557635 100644 --- a/app/site/_data/measureauthoringtool/madie-java-models/madie-java-models_data.json +++ b/app/site/_data/measureauthoringtool/madie-java-models/madie-java-models_data.json @@ -153,14 +153,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 187 8078 1134 43 6901 168\n(ULOC) 2207\n-------------------------------------------------------------------------------\nXML 3 282 25 18 239 0\n(ULOC) 203\n-------------------------------------------------------------------------------\nMarkdown 2 42 9 0 33 0\n(ULOC) 33\n-------------------------------------------------------------------------------\nYAML 2 79 10 2 67 0\n(ULOC) 47\n───────────────────────────────────────────────────────────────────────────────\nTotal 194 8481 1178 63 7240 168\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 2485\nDRYness % 0.29\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $215,933\nEstimated Schedule Effort (organic) 7.68 months\nEstimated People Required (organic) 2.50\n───────────────────────────────────────────────────────────────────────────────\nProcessed 271588 bytes, 0.272 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:40:53Z", + "date": "2025-01-19T14:42:49Z", "repo": { "name": "github.com/measureauthoringtool/madie-java-models", - "commit": "e4a24a49dc6d552c4904a5165d5211f4b31da78d" + "commit": "caba776ad66bd7d1447c4a375340376f73fb3ccb" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 6.2, "checks": [ @@ -170,7 +170,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -180,7 +180,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -190,7 +190,7 @@ "reason": "13 out of 13 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -200,7 +200,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -210,7 +210,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -220,7 +220,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -230,7 +230,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -240,7 +240,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -250,7 +250,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -260,17 +260,17 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, "score": 10, - "reason": "23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "reason": "25 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -280,7 +280,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -290,7 +290,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -300,7 +300,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -310,7 +310,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -320,7 +320,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -330,7 +330,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -340,7 +340,7 @@ "reason": "3 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-layout/madie-layout_data.json b/app/site/_data/measureauthoringtool/madie-layout/madie-layout_data.json index 97789defd8..a8c556c4c3 100644 --- a/app/site/_data/measureauthoringtool/madie-layout/madie-layout_data.json +++ b/app/site/_data/measureauthoringtool/madie-layout/madie-layout_data.json @@ -676,14 +676,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 56 5543 404 74 5065 204\n(ULOC) 2799\n-------------------------------------------------------------------------------\nTypeScript Typings 8 298 34 22 242 2\n(ULOC) 179\n-------------------------------------------------------------------------------\nJavaScript 6 215 5 6 204 2\n(ULOC) 148\n-------------------------------------------------------------------------------\nSass 6 487 57 2 428 0\n(ULOC) 292\n-------------------------------------------------------------------------------\nJSON 5 188 0 0 188 0\n(ULOC) 165\n-------------------------------------------------------------------------------\nSVG 5 190 1 1 188 0\n(ULOC) 162\n-------------------------------------------------------------------------------\nYAML 3 187 29 8 150 0\n(ULOC) 103\n-------------------------------------------------------------------------------\nMarkdown 2 30 8 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n-------------------------------------------------------------------------------\nTOML 1 3 0 0 3 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 94 7266 551 114 6601 209\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3937\nDRYness % 0.54\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $195,968\nEstimated Schedule Effort (organic) 7.40 months\nEstimated People Required (organic) 2.35\n───────────────────────────────────────────────────────────────────────────────\nProcessed 418156 bytes, 0.418 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:36:27Z", + "date": "2025-01-19T14:38:18Z", "repo": { "name": "github.com/measureauthoringtool/madie-layout", "commit": "176e6b73c5ced6551d643e6a6bd597c4969ca212" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 6.7, "checks": [ @@ -693,7 +693,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -703,7 +703,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -713,7 +713,7 @@ "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -723,7 +723,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -733,7 +733,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -743,7 +743,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -753,7 +753,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -763,7 +763,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -773,7 +773,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -783,7 +783,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -793,7 +793,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -803,7 +803,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -813,7 +813,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -823,7 +823,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -833,7 +833,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -843,7 +843,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -853,7 +853,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -863,7 +863,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-measure/madie-measure_data.json b/app/site/_data/measureauthoringtool/madie-measure/madie-measure_data.json index c4685ef2c1..1b6b60a6a3 100644 --- a/app/site/_data/measureauthoringtool/madie-measure/madie-measure_data.json +++ b/app/site/_data/measureauthoringtool/madie-measure/madie-measure_data.json @@ -776,16 +776,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 525 128695 7683 1928 119084 5269\n(ULOC) 42089\n-------------------------------------------------------------------------------\nSass 42 1730 119 11 1600 0\n(ULOC) 897\n-------------------------------------------------------------------------------\nJSON 38 138724 2 0 138722 0\n(ULOC) 25711\n-------------------------------------------------------------------------------\nJavaScript 9 724 21 9 694 4\n(ULOC) 462\n-------------------------------------------------------------------------------\nTypeScript Typings 5 465 48 23 394 3\n(ULOC) 327\n-------------------------------------------------------------------------------\nYAML 3 189 30 9 150 0\n(ULOC) 104\n-------------------------------------------------------------------------------\nMarkdown 2 53 17 0 36 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nCSS 1 15 0 0 15 0\n(ULOC) 16\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nSVG 1 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n-------------------------------------------------------------------------------\nTOML 1 3 0 0 3 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 629 270726 7933 1981 260812 5277\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 69227\nDRYness % 0.26\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $9,305,490\nEstimated Schedule Effort (organic) 32.10 months\nEstimated People Required (organic) 25.75\n───────────────────────────────────────────────────────────────────────────────\nProcessed 12708600 bytes, 12.709 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:38:14Z", + "date": "2025-01-19T14:40:10Z", "repo": { "name": "github.com/measureauthoringtool/madie-measure", - "commit": "97a89481f8d34218236815e7d8408159ad51baf9" + "commit": "595ae9d281409018c27c50a1894da4ecc84f0e1e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 5.9, + "score": 5.8, "checks": [ { "details": null, @@ -793,7 +793,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -803,17 +803,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 10, - "reason": "6 out of 6 merged PRs checked by a CI test -- score normalized to 10", + "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -823,7 +823,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -833,7 +833,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -843,7 +843,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -853,7 +853,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -863,7 +863,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -873,7 +873,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -883,7 +883,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -893,7 +893,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -903,7 +903,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -913,7 +913,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -923,7 +923,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -933,7 +933,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -943,7 +943,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -953,17 +953,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, - "score": 10, - "reason": "0 existing vulnerabilities detected", + "score": 9, + "reason": "1 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-models/madie-models_data.json b/app/site/_data/measureauthoringtool/madie-models/madie-models_data.json index 0ab07949d4..2840f40972 100644 --- a/app/site/_data/measureauthoringtool/madie-models/madie-models_data.json +++ b/app/site/_data/measureauthoringtool/madie-models/madie-models_data.json @@ -149,14 +149,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 21 647 54 0 593 11\n(ULOC) 420\n-------------------------------------------------------------------------------\nJSON 2 134 8 0 126 0\n(ULOC) 123\n-------------------------------------------------------------------------------\nMarkdown 2 52 15 0 37 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nYAML 2 141 24 14 103 0\n(ULOC) 78\n-------------------------------------------------------------------------------\nJavaScript 1 6 0 1 5 0\n(ULOC) 7\n───────────────────────────────────────────────────────────────────────────────\nTotal 28 980 101 15 864 11\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 658\nDRYness % 0.67\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $23,170\nEstimated Schedule Effort (organic) 3.29 months\nEstimated People Required (organic) 0.63\n───────────────────────────────────────────────────────────────────────────────\nProcessed 34330 bytes, 0.034 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:40:43Z", + "date": "2025-01-19T14:42:38Z", "repo": { "name": "github.com/measureauthoringtool/madie-models", "commit": "f6ac5bb979b97864c8e8f3eb206f2e45d1a4c185" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.6, "checks": [ @@ -166,7 +166,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -176,7 +176,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -186,7 +186,7 @@ "reason": "13 out of 13 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -196,7 +196,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -206,7 +206,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -216,7 +216,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -226,7 +226,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -236,7 +236,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -246,7 +246,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -256,7 +256,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -266,7 +266,7 @@ "reason": "22 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -276,7 +276,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -286,7 +286,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -296,7 +296,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -306,7 +306,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -316,7 +316,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -326,7 +326,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -336,7 +336,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-patient/madie-patient_data.json b/app/site/_data/measureauthoringtool/madie-patient/madie-patient_data.json index b64fdb90bb..f9756e5b10 100644 --- a/app/site/_data/measureauthoringtool/madie-patient/madie-patient_data.json +++ b/app/site/_data/measureauthoringtool/madie-patient/madie-patient_data.json @@ -817,14 +817,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 334 82609 4585 1008 77016 3450\n(ULOC) 26843\n-------------------------------------------------------------------------------\nJSON 28 138186 2 0 138184 0\n(ULOC) 25565\n-------------------------------------------------------------------------------\nSass 26 1060 75 9 976 0\n(ULOC) 567\n-------------------------------------------------------------------------------\nJavaScript 7 667 16 5 646 2\n(ULOC) 429\n-------------------------------------------------------------------------------\nTypeScript Typings 4 193 28 22 143 2\n(ULOC) 119\n-------------------------------------------------------------------------------\nYAML 3 186 28 19 139 0\n(ULOC) 114\n-------------------------------------------------------------------------------\nMarkdown 2 30 8 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nCSS 1 15 0 0 15 0\n(ULOC) 16\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 24 4 5 15 1\n(ULOC) 21\n───────────────────────────────────────────────────────────────────────────────\nTotal 407 223091 4758 1068 217265 3455\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 53504\nDRYness % 0.24\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $7,681,297\nEstimated Schedule Effort (organic) 29.85 months\nEstimated People Required (organic) 22.87\n───────────────────────────────────────────────────────────────────────────────\nProcessed 11089445 bytes, 11.089 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:38:29Z", + "date": "2025-01-19T14:40:29Z", "repo": { "name": "github.com/measureauthoringtool/madie-patient", "commit": "127a2875d2ae1b1741ca1f54f561c879383bd646" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.5, "checks": [ @@ -834,7 +834,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -844,7 +844,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -854,7 +854,7 @@ "reason": "11 out of 11 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -864,7 +864,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -874,7 +874,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -884,7 +884,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -894,7 +894,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -904,7 +904,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -914,7 +914,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -924,7 +924,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -934,7 +934,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -944,7 +944,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -954,7 +954,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -964,7 +964,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -974,7 +974,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -984,7 +984,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -994,17 +994,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, - "score": 7, - "reason": "3 existing vulnerabilities detected", + "score": 6, + "reason": "4 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-public/madie-public_data.json b/app/site/_data/measureauthoringtool/madie-public/madie-public_data.json index 88356aff74..c171dc5872 100644 --- a/app/site/_data/measureauthoringtool/madie-public/madie-public_data.json +++ b/app/site/_data/measureauthoringtool/madie-public/madie-public_data.json @@ -453,14 +453,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJSON 5 159 0 0 159 0\n(ULOC) 135\n-------------------------------------------------------------------------------\nJavaScript 4 111 4 3 104 0\n(ULOC) 80\n-------------------------------------------------------------------------------\nTypeScript 4 86 11 3 72 0\n(ULOC) 69\n-------------------------------------------------------------------------------\nYAML 3 188 30 9 149 0\n(ULOC) 103\n-------------------------------------------------------------------------------\nMarkdown 2 38 11 0 27 0\n(ULOC) 27\n-------------------------------------------------------------------------------\nTypeScript Typings 2 68 8 22 38 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 22 775 77 38 660 1\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 550\nDRYness % 0.71\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $17,462\nEstimated Schedule Effort (organic) 2.95 months\nEstimated People Required (organic) 0.53\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25161 bytes, 0.025 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:37:41Z", + "date": "2025-01-19T14:39:36Z", "repo": { "name": "github.com/measureauthoringtool/madie-public", "commit": "157a98311537769c57104582c2e8d4c725851a6b" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.6, "checks": [ @@ -470,7 +470,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -480,7 +480,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -490,7 +490,7 @@ "reason": "0 out of 10 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -500,7 +500,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -510,7 +510,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -520,7 +520,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -530,7 +530,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -540,7 +540,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -550,7 +550,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -560,7 +560,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -570,7 +570,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -580,7 +580,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -590,7 +590,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -600,7 +600,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -610,7 +610,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -620,7 +620,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -630,7 +630,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -640,7 +640,7 @@ "reason": "31 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-qdm-elm-translation/madie-qdm-elm-translation_data.json b/app/site/_data/measureauthoringtool/madie-qdm-elm-translation/madie-qdm-elm-translation_data.json index 7fef112651..e2cad8fec2 100644 --- a/app/site/_data/measureauthoringtool/madie-qdm-elm-translation/madie-qdm-elm-translation_data.json +++ b/app/site/_data/measureauthoringtool/madie-qdm-elm-translation/madie-qdm-elm-translation_data.json @@ -201,14 +201,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 44 4270 582 170 3518 160\n(ULOC) 2268\n-------------------------------------------------------------------------------\nJSON 8 84933 0 0 84933 0\n(ULOC) 9971\n-------------------------------------------------------------------------------\nYAML 7 174 26 3 145 0\n(ULOC) 122\n-------------------------------------------------------------------------------\nXML 5 903 61 24 818 0\n(ULOC) 531\n-------------------------------------------------------------------------------\nMarkdown 2 51 13 0 38 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nDockerfile 1 13 4 3 6 1\n(ULOC) 10\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 68 90465 698 200 89567 161\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 13027\nDRYness % 0.14\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $3,029,359\nEstimated Schedule Effort (organic) 20.96 months\nEstimated People Required (organic) 12.84\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3395381 bytes, 3.395 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:38:55Z", + "date": "2025-01-19T14:40:57Z", "repo": { "name": "github.com/measureauthoringtool/madie-qdm-elm-translation", - "commit": "19f86556234d9344d7d9d71b3386db1662cb2347" + "commit": "2dc7a01c0ef803090688fd034a2a9bf975345a10" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.7, "checks": [ @@ -218,7 +218,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -228,7 +228,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -238,7 +238,7 @@ "reason": "11 out of 11 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -248,7 +248,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -258,7 +258,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -268,7 +268,7 @@ "reason": "project has 4 contributing companies or organizations", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -278,7 +278,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -288,7 +288,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -298,7 +298,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -308,7 +308,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -318,7 +318,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -328,7 +328,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -338,7 +338,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -348,7 +348,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -358,7 +358,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -368,7 +368,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -378,7 +378,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -388,7 +388,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-qdm-service/madie-qdm-service_data.json b/app/site/_data/measureauthoringtool/madie-qdm-service/madie-qdm-service_data.json index adacc3e089..48188acf15 100644 --- a/app/site/_data/measureauthoringtool/madie-qdm-service/madie-qdm-service_data.json +++ b/app/site/_data/measureauthoringtool/madie-qdm-service/madie-qdm-service_data.json @@ -240,14 +240,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 148 28512 2854 5767 19891 2167\n(ULOC) 12205\n-------------------------------------------------------------------------------\nFreemarker Template 19 1275 111 13 1151 74\n(ULOC) 688\n-------------------------------------------------------------------------------\nJSON 8 33414 1 0 33413 0\n(ULOC) 6757\n-------------------------------------------------------------------------------\nXML 6 1365 104 75 1186 0\n(ULOC) 887\n-------------------------------------------------------------------------------\nYAML 4 114 14 3 97 0\n(ULOC) 92\n-------------------------------------------------------------------------------\nMarkdown 3 56 14 0 42 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nDockerfile 1 20 5 6 9 1\n(ULOC) 16\n-------------------------------------------------------------------------------\nExtensible Styleshe… 1 925 60 0 865 0\n(ULOC) 541\n-------------------------------------------------------------------------------\nXML Schema 1 424 0 0 424 0\n(ULOC) 211\n───────────────────────────────────────────────────────────────────────────────\nTotal 191 66105 3163 5864 57078 2242\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 21407\nDRYness % 0.32\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,887,502\nEstimated Schedule Effort (organic) 17.51 months\nEstimated People Required (organic) 9.58\n───────────────────────────────────────────────────────────────────────────────\nProcessed 3600868 bytes, 3.601 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:42:04Z", + "date": "2025-01-19T14:44:01Z", "repo": { "name": "github.com/measureauthoringtool/madie-qdm-service", "commit": "fbbd26dd9624ecd5aef7198abb5ff54df3f99913" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.2, "checks": [ @@ -257,7 +257,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -267,7 +267,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -277,7 +277,7 @@ "reason": "13 out of 13 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -287,7 +287,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -297,7 +297,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -307,7 +307,7 @@ "reason": "project has 2 contributing companies or organizations -- score normalized to 6", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -317,7 +317,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -327,7 +327,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -337,7 +337,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -347,17 +347,17 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, "score": 10, - "reason": "23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "reason": "14 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -367,7 +367,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -377,7 +377,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -387,7 +387,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -397,7 +397,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -407,7 +407,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -417,7 +417,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -427,7 +427,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-rest-commons/madie-rest-commons_data.json b/app/site/_data/measureauthoringtool/madie-rest-commons/madie-rest-commons_data.json index 98f75ee6e7..18f3825e82 100644 --- a/app/site/_data/measureauthoringtool/madie-rest-commons/madie-rest-commons_data.json +++ b/app/site/_data/measureauthoringtool/madie-rest-commons/madie-rest-commons_data.json @@ -170,14 +170,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 80 2489 492 72 1925 104\n(ULOC) 987\n-------------------------------------------------------------------------------\nMarkdown 2 27 7 0 20 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nYAML 2 78 9 2 67 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nJSON 1 254 0 0 254 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nXML 1 128 16 0 112 0\n(ULOC) 71\n───────────────────────────────────────────────────────────────────────────────\nTotal 87 3097 536 74 2487 104\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1360\nDRYness % 0.44\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $70,316\nEstimated Schedule Effort (organic) 5.02 months\nEstimated People Required (organic) 1.25\n───────────────────────────────────────────────────────────────────────────────\nProcessed 500286 bytes, 0.500 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:39:43Z", + "date": "2025-01-19T14:41:43Z", "repo": { "name": "github.com/measureauthoringtool/madie-rest-commons", "commit": "2d88d81ae8e5f0f6f643254dc645e60b29e2e4a7" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.9, "checks": [ @@ -187,7 +187,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -197,7 +197,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -207,7 +207,7 @@ "reason": "10 out of 15 merged PRs checked by a CI test -- score normalized to 6", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -217,7 +217,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -227,7 +227,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -237,7 +237,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -247,7 +247,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -257,7 +257,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -267,7 +267,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -277,7 +277,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -287,7 +287,7 @@ "reason": "6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -297,7 +297,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -307,7 +307,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -317,7 +317,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -327,7 +327,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -337,7 +337,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -347,7 +347,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -357,7 +357,7 @@ "reason": "2 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-root/madie-root_data.json b/app/site/_data/measureauthoringtool/madie-root/madie-root_data.json index 72de8526ab..49fa7cea6f 100644 --- a/app/site/_data/measureauthoringtool/madie-root/madie-root_data.json +++ b/app/site/_data/measureauthoringtool/madie-root/madie-root_data.json @@ -414,14 +414,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 13 282 41 0 241 7\n(ULOC) 120\n-------------------------------------------------------------------------------\nJSON 7 172 0 0 172 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nYAML 3 186 28 8 150 0\n(ULOC) 102\n-------------------------------------------------------------------------------\nJavaScript 2 101 3 3 95 1\n(ULOC) 72\n-------------------------------------------------------------------------------\nMarkdown 2 30 8 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n-------------------------------------------------------------------------------\nTypeScript Typings 1 39 7 0 32 0\n(ULOC) 14\n───────────────────────────────────────────────────────────────────────────────\nTotal 30 935 100 12 823 9\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 564\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $22,017\nEstimated Schedule Effort (organic) 3.23 months\nEstimated People Required (organic) 0.61\n───────────────────────────────────────────────────────────────────────────────\nProcessed 31120 bytes, 0.031 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:36:15Z", + "date": "2025-01-19T14:38:07Z", "repo": { "name": "github.com/measureauthoringtool/madie-root", "commit": "d3a89decf61e2175368559002e25f91f3fdcdbcc" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 6.5, "checks": [ @@ -431,7 +431,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -441,7 +441,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -451,7 +451,7 @@ "reason": "9 out of 9 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -461,7 +461,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -471,7 +471,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -481,7 +481,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -491,7 +491,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -501,7 +501,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -511,7 +511,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -521,7 +521,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -531,7 +531,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -541,7 +541,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -551,7 +551,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -561,7 +561,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -571,7 +571,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -581,7 +581,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -591,7 +591,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -601,7 +601,7 @@ "reason": "2 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-server-commons/madie-server-commons_data.json b/app/site/_data/measureauthoringtool/madie-server-commons/madie-server-commons_data.json index 699d9e9f37..c342271de0 100644 --- a/app/site/_data/measureauthoringtool/madie-server-commons/madie-server-commons_data.json +++ b/app/site/_data/measureauthoringtool/madie-server-commons/madie-server-commons_data.json @@ -94,14 +94,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 85 13102 2118 3508 7476 968\n(ULOC) 6376\n-------------------------------------------------------------------------------\nXML 11 1998 180 55 1763 0\n(ULOC) 1227\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 97 15221 2310 3563 9348 968\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 7711\nDRYness % 0.51\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $282,390\nEstimated Schedule Effort (organic) 8.51 months\nEstimated People Required (organic) 2.95\n───────────────────────────────────────────────────────────────────────────────\nProcessed 446892 bytes, 0.447 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:38:50Z", + "date": "2025-01-19T14:40:51Z", "repo": { "name": "github.com/measureauthoringtool/madie-server-commons", "commit": "85077dd105e4609dc0c7a98302b494139fdfe739" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.3, "checks": [ @@ -111,7 +111,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -121,7 +121,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -131,7 +131,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -141,7 +141,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -151,7 +151,7 @@ "reason": "Found 1/11 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -161,7 +161,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -171,7 +171,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -181,7 +181,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -191,7 +191,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -201,7 +201,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -211,7 +211,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -221,7 +221,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -231,7 +231,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -241,7 +241,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -251,7 +251,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -261,7 +261,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -271,7 +271,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -281,7 +281,7 @@ "reason": "20 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-translator-commons/madie-translator-commons_data.json b/app/site/_data/measureauthoringtool/madie-translator-commons/madie-translator-commons_data.json index 94a44795ae..aefcfd3c33 100644 --- a/app/site/_data/measureauthoringtool/madie-translator-commons/madie-translator-commons_data.json +++ b/app/site/_data/measureauthoringtool/madie-translator-commons/madie-translator-commons_data.json @@ -153,14 +153,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 60 4759 736 314 3709 299\n(ULOC) 2537\n-------------------------------------------------------------------------------\nXML 4 403 22 30 351 0\n(ULOC) 291\n-------------------------------------------------------------------------------\nYAML 4 158 17 6 135 0\n(ULOC) 77\n-------------------------------------------------------------------------------\nMarkdown 2 34 9 0 25 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 71 5475 796 350 4329 299\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3037\nDRYness % 0.55\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $125,835\nEstimated Schedule Effort (organic) 6.26 months\nEstimated People Required (organic) 1.79\n───────────────────────────────────────────────────────────────────────────────\nProcessed 189669 bytes, 0.190 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:42:45Z", + "date": "2025-01-19T14:44:43Z", "repo": { "name": "github.com/measureauthoringtool/madie-translator-commons", "commit": "47c36db95ad1c8aa0630d3eff08bbe5b21ad4fda" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.7, "checks": [ @@ -170,7 +170,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -180,7 +180,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -190,7 +190,7 @@ "reason": "13 out of 13 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -200,7 +200,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -210,7 +210,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -220,7 +220,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -230,7 +230,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -240,7 +240,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -250,7 +250,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -260,17 +260,17 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, "score": 10, - "reason": "25 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", + "reason": "23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -280,7 +280,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -290,7 +290,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -300,7 +300,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -310,7 +310,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -320,7 +320,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -330,7 +330,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -340,7 +340,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/madie-util/madie-util_data.json b/app/site/_data/measureauthoringtool/madie-util/madie-util_data.json index f5fb1ac1e9..fd202242a3 100644 --- a/app/site/_data/measureauthoringtool/madie-util/madie-util_data.json +++ b/app/site/_data/measureauthoringtool/madie-util/madie-util_data.json @@ -464,14 +464,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 27 1100 122 51 927 39\n(ULOC) 598\n-------------------------------------------------------------------------------\nJavaScript 4 46 2 1 43 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nJSON 3 119 0 0 119 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nYAML 3 191 29 7 155 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 2 30 8 0 22 0\n(ULOC) 23\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 4 1 1 2 1\n(ULOC) 4\n-------------------------------------------------------------------------------\nTOML 1 3 0 0 3 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nTypeScript Typings 1 39 7 0 32 0\n(ULOC) 14\n───────────────────────────────────────────────────────────────────────────────\nTotal 43 1653 181 60 1412 40\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 988\nDRYness % 0.60\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $38,808\nEstimated Schedule Effort (organic) 4.00 months\nEstimated People Required (organic) 0.86\n───────────────────────────────────────────────────────────────────────────────\nProcessed 52145 bytes, 0.052 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:16Z", + "date": "2025-01-19T14:43:12Z", "repo": { "name": "github.com/measureauthoringtool/madie-util", "commit": "14a072c02139ae41683672017a220112a193bb42" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.9, "checks": [ @@ -481,7 +481,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -491,7 +491,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -501,7 +501,7 @@ "reason": "10 out of 10 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -511,7 +511,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -521,7 +521,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -531,7 +531,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -541,7 +541,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -551,7 +551,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -561,7 +561,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -571,7 +571,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -581,7 +581,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -591,7 +591,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -601,7 +601,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -611,7 +611,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -621,7 +621,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -631,7 +631,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -641,7 +641,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -651,7 +651,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat-drupal/mat-drupal_data.json b/app/site/_data/measureauthoringtool/mat-drupal/mat-drupal_data.json index 8ea248eecd..ba88279e82 100644 --- a/app/site/_data/measureauthoringtool/mat-drupal/mat-drupal_data.json +++ b/app/site/_data/measureauthoringtool/mat-drupal/mat-drupal_data.json @@ -321,14 +321,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nYAML 397 21160 28 50 21082 0\n(ULOC) 5183\n-------------------------------------------------------------------------------\nTwig Template 160 4937 243 0 4694 196\n(ULOC) 2083\n-------------------------------------------------------------------------------\nSass 79 3606 592 209 2805 5\n(ULOC) 1638\n-------------------------------------------------------------------------------\nJavaScript 24 11153 1646 1457 8050 1817\n(ULOC) 6803\n-------------------------------------------------------------------------------\nPHP 17 959 117 244 598 73\n(ULOC) 542\n-------------------------------------------------------------------------------\nMarkdown 14 246 48 0 198 0\n(ULOC) 154\n-------------------------------------------------------------------------------\nSVG 14 221 0 0 221 0\n(ULOC) 140\n-------------------------------------------------------------------------------\nJSON 7 1352 0 0 1352 0\n(ULOC) 664\n-------------------------------------------------------------------------------\nCSS 3 3668 277 219 3172 0\n(ULOC) 1952\n-------------------------------------------------------------------------------\nShell 3 60 19 8 33 2\n(ULOC) 30\n-------------------------------------------------------------------------------\nDocker ignore 1 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nDockerfile 1 128 26 34 68 3\n(ULOC) 103\n-------------------------------------------------------------------------------\nHTML 1 1116 107 8 1001 0\n(ULOC) 507\n-------------------------------------------------------------------------------\nLicense 1 201 32 0 169 0\n(ULOC) 168\n───────────────────────────────────────────────────────────────────────────────\nTotal 722 48810 3135 2229 43446 2096\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 19484\nDRYness % 0.40\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,417,237\nEstimated Schedule Effort (organic) 15.70 months\nEstimated People Required (organic) 8.02\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1637670 bytes, 1.638 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:34:19Z", + "date": "2025-01-19T14:35:56Z", "repo": { "name": "github.com/measureauthoringtool/mat-drupal", "commit": "d8e85bf80cc6992e0e8e451425a50273bed618ba" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.1, "checks": [ @@ -338,7 +338,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -348,7 +348,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -358,7 +358,7 @@ "reason": "11 out of 11 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -368,7 +368,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -378,7 +378,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -388,7 +388,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -398,7 +398,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -408,7 +408,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -418,7 +418,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -428,7 +428,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -438,7 +438,7 @@ "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -448,7 +448,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -458,7 +458,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -468,7 +468,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -478,7 +478,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -488,7 +488,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -498,7 +498,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -508,7 +508,7 @@ "reason": "5 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat-fhir-jpaserver/mat-fhir-jpaserver_data.json b/app/site/_data/measureauthoringtool/mat-fhir-jpaserver/mat-fhir-jpaserver_data.json index 2bd36f6d9d..abf8cd1c51 100644 --- a/app/site/_data/measureauthoringtool/mat-fhir-jpaserver/mat-fhir-jpaserver_data.json +++ b/app/site/_data/measureauthoringtool/mat-fhir-jpaserver/mat-fhir-jpaserver_data.json @@ -217,14 +217,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 13 1520 267 182 1071 101\n(ULOC) 839\n-------------------------------------------------------------------------------\nHTML 5 131 13 1 117 0\n(ULOC) 89\n-------------------------------------------------------------------------------\nXML Schema 5 4942 911 0 4031 0\n(ULOC) 1805\n-------------------------------------------------------------------------------\nProperties File 3 216 22 39 155 0\n(ULOC) 74\n-------------------------------------------------------------------------------\nXML 3 333 34 29 270 0\n(ULOC) 198\n-------------------------------------------------------------------------------\nLicense 2 402 64 0 338 0\n(ULOC) 168\n-------------------------------------------------------------------------------\nMarkdown 2 89 30 0 59 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nDockerfile 1 4 0 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nJavaScript 1 1 0 0 1 4\n(ULOC) 1\n-------------------------------------------------------------------------------\nShell 1 5 2 1 2 1\n(ULOC) 4\n-------------------------------------------------------------------------------\nYAML 1 32 7 7 18 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 37 7675 1350 259 6066 106\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3244\nDRYness % 0.42\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $179,325\nEstimated Schedule Effort (organic) 7.16 months\nEstimated People Required (organic) 2.23\n───────────────────────────────────────────────────────────────────────────────\nProcessed 615155 bytes, 0.615 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:33:10Z", + "date": "2025-01-19T14:34:44Z", "repo": { "name": "github.com/measureauthoringtool/mat-fhir-jpaserver", "commit": "3906c8c9602152f8caf4d990fd49cb4dee613721" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.9, "checks": [ @@ -234,7 +234,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -244,7 +244,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -254,7 +254,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -264,7 +264,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -274,7 +274,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -284,7 +284,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -294,7 +294,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -304,7 +304,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -314,7 +314,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -324,7 +324,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -334,7 +334,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -344,7 +344,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -354,7 +354,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -364,7 +364,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -374,7 +374,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -384,7 +384,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -394,7 +394,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -404,7 +404,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat-iac/mat-iac_data.json b/app/site/_data/measureauthoringtool/mat-iac/mat-iac_data.json index 0eb6d90411..14f8bf4c59 100644 --- a/app/site/_data/measureauthoringtool/mat-iac/mat-iac_data.json +++ b/app/site/_data/measureauthoringtool/mat-iac/mat-iac_data.json @@ -94,14 +94,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTerraform 9 501 77 42 382 4\n(ULOC) 299\n-------------------------------------------------------------------------------\nYAML 4 219 14 0 205 0\n(ULOC) 137\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 14 722 91 42 589 4\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 425\nDRYness % 0.59\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $15,495\nEstimated Schedule Effort (organic) 2.82 months\nEstimated People Required (organic) 0.49\n───────────────────────────────────────────────────────────────────────────────\nProcessed 18829 bytes, 0.019 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:33:43Z", + "date": "2025-01-19T14:35:19Z", "repo": { "name": "github.com/measureauthoringtool/mat-iac", "commit": "4e318739692c6a5159234d4061566b72f1c431cf" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.3, "checks": [ @@ -111,7 +111,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -121,7 +121,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -131,7 +131,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -141,7 +141,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -151,7 +151,7 @@ "reason": "Found 1/7 approved changesets -- score normalized to 1", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -161,7 +161,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -171,7 +171,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -181,7 +181,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -191,7 +191,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -201,7 +201,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -211,7 +211,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -221,7 +221,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -231,7 +231,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -241,7 +241,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -251,7 +251,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -261,7 +261,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -271,7 +271,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -281,7 +281,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat-public-website-portlets/mat-public-website-portlets_data.json b/app/site/_data/measureauthoringtool/mat-public-website-portlets/mat-public-website-portlets_data.json index 4e33fdc8b8..1fdea8d482 100644 --- a/app/site/_data/measureauthoringtool/mat-public-website-portlets/mat-public-website-portlets_data.json +++ b/app/site/_data/measureauthoringtool/mat-public-website-portlets/mat-public-website-portlets_data.json @@ -265,16 +265,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nProperties File 172 1799 44 167 1588 0\n(ULOC) 698\n-------------------------------------------------------------------------------\nXML 57 7490 476 19 6995 0\n(ULOC) 2187\n-------------------------------------------------------------------------------\nCSS 25 7012 1430 344 5238 0\n(ULOC) 1614\n-------------------------------------------------------------------------------\nJavaServer Pages 9 1089 188 123 778 48\n(ULOC) 609\n-------------------------------------------------------------------------------\nBatch 6 150 48 0 102 26\n(ULOC) 45\n-------------------------------------------------------------------------------\nJava 6 1282 287 109 886 105\n(ULOC) 649\n-------------------------------------------------------------------------------\nPlain Text 5 22 1 0 21 0\n(ULOC) 17\n-------------------------------------------------------------------------------\nShell 5 116 31 15 70 5\n(ULOC) 37\n-------------------------------------------------------------------------------\nJavaScript 4 70 16 28 26 0\n(ULOC) 18\n-------------------------------------------------------------------------------\nJSON 3 66 0 0 66 0\n(ULOC) 19\n-------------------------------------------------------------------------------\nHTML 2 6531 2170 0 4361 0\n(ULOC) 623\n-------------------------------------------------------------------------------\nSmarty Template 2 0 0 0 0 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nExtensible Styleshe… 1 280 37 0 243 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 298 26028 4740 805 20483 184\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 6595\nDRYness % 0.25\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $643,514\nEstimated Schedule Effort (organic) 11.63 months\nEstimated People Required (organic) 4.91\n───────────────────────────────────────────────────────────────────────────────\nProcessed 746124 bytes, 0.746 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:50Z", + "date": "2025-01-19T14:34:25Z", "repo": { "name": "github.com/measureauthoringtool/mat-public-website-portlets", "commit": "b8b3523b0f0c53a4b33f13330a357276e023a034" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 2, + "score": 2.0, "checks": [ { "details": null, @@ -282,7 +282,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -292,7 +292,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -302,7 +302,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -312,7 +312,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -322,7 +322,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -332,7 +332,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -342,7 +342,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -352,7 +352,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -362,7 +362,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -372,7 +372,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -382,7 +382,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -392,7 +392,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -402,7 +402,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -412,7 +412,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -422,7 +422,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -432,7 +432,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -442,7 +442,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -452,7 +452,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat-tomcat/mat-tomcat_data.json b/app/site/_data/measureauthoringtool/mat-tomcat/mat-tomcat_data.json index 75fb4c163f..d1f09fa9b7 100644 --- a/app/site/_data/measureauthoringtool/mat-tomcat/mat-tomcat_data.json +++ b/app/site/_data/measureauthoringtool/mat-tomcat/mat-tomcat_data.json @@ -126,14 +126,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nDockerfile 1 11 3 3 5 0\n(ULOC) 9\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 3 0 0 3 0\n(ULOC) 4\n-------------------------------------------------------------------------------\nXML 1 39 0 6 33 0\n(ULOC) 39\n-------------------------------------------------------------------------------\nYAML 1 28 3 0 25 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 5 202 18 9 175 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 184\nDRYness % 0.91\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,332\nEstimated Schedule Effort (organic) 1.74 months\nEstimated People Required (organic) 0.22\n───────────────────────────────────────────────────────────────────────────────\nProcessed 10344 bytes, 0.010 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:33:46Z", + "date": "2025-01-19T14:35:23Z", "repo": { "name": "github.com/measureauthoringtool/mat-tomcat", "commit": "6e726e2b5c9d0ac3896acd70a556c92ff3173114" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.9, "checks": [ @@ -143,7 +143,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -153,7 +153,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -163,7 +163,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -173,7 +173,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -183,7 +183,7 @@ "reason": "Found 3/4 approved changesets -- score normalized to 7", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -193,7 +193,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -203,7 +203,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -213,7 +213,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -223,7 +223,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -233,7 +233,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -243,7 +243,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -253,7 +253,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -263,7 +263,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -273,7 +273,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -283,7 +283,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -293,7 +293,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -303,7 +303,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -313,7 +313,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat_automation_cypress/mat_automation_cypress_data.json b/app/site/_data/measureauthoringtool/mat_automation_cypress/mat_automation_cypress_data.json index 8a34448ec2..3d64663fb5 100644 --- a/app/site/_data/measureauthoringtool/mat_automation_cypress/mat_automation_cypress_data.json +++ b/app/site/_data/measureauthoringtool/mat_automation_cypress/mat_automation_cypress_data.json @@ -346,14 +346,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 185 24036 6718 1643 15675 209\n(ULOC) 5950\n-------------------------------------------------------------------------------\nJSON 15 438 16 0 422 0\n(ULOC) 337\n-------------------------------------------------------------------------------\nYAML 3 70 3 0 67 0\n(ULOC) 58\n-------------------------------------------------------------------------------\nTypeScript 2 0 0 0 0 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nDockerfile 1 29 6 4 19 6\n(ULOC) 23\n-------------------------------------------------------------------------------\nMarkdown 1 103 31 0 72 0\n(ULOC) 68\n-------------------------------------------------------------------------------\nTypeScript Typings 1 0 0 0 0 0\n(ULOC) 1\n-------------------------------------------------------------------------------\nXML 1 463 2 10 451 0\n(ULOC) 249\n───────────────────────────────────────────────────────────────────────────────\nTotal 209 25139 6776 1657 16706 215\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 6675\nDRYness % 0.27\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $519,530\nEstimated Schedule Effort (organic) 10.72 months\nEstimated People Required (organic) 4.30\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1199844 bytes, 1.200 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:33:57Z", + "date": "2025-01-19T14:35:34Z", "repo": { "name": "github.com/measureauthoringtool/mat_automation_cypress", "commit": "c5fc2ea68f417b760a6a67ba625b7b2123823f78" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.3, "checks": [ @@ -363,7 +363,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -373,7 +373,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -383,7 +383,7 @@ "reason": "2 out of 14 merged PRs checked by a CI test -- score normalized to 1", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -393,7 +393,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -403,7 +403,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -413,7 +413,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -423,7 +423,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -433,7 +433,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -443,7 +443,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -453,7 +453,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -463,7 +463,7 @@ "reason": "0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -473,7 +473,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -483,7 +483,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -493,7 +493,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -503,7 +503,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -513,7 +513,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -523,7 +523,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -533,7 +533,7 @@ "reason": "42 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat_automation_selenium/mat_automation_selenium_data.json b/app/site/_data/measureauthoringtool/mat_automation_selenium/mat_automation_selenium_data.json index be2c75578f..c9d0da46c5 100644 --- a/app/site/_data/measureauthoringtool/mat_automation_selenium/mat_automation_selenium_data.json +++ b/app/site/_data/measureauthoringtool/mat_automation_selenium/mat_automation_selenium_data.json @@ -189,14 +189,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nHTML 27 1459 143 112 1204 0\n(ULOC) 794\n-------------------------------------------------------------------------------\nJava 26 9490 1756 366 7368 332\n(ULOC) 4361\n-------------------------------------------------------------------------------\nGherkin Specificati… 14 2930 374 149 2407 346\n(ULOC) 1369\n-------------------------------------------------------------------------------\nXML 10 280 21 18 241 0\n(ULOC) 200\n-------------------------------------------------------------------------------\nJavaScript 5 714 46 10 658 69\n(ULOC) 379\n-------------------------------------------------------------------------------\nCSS 3 414 74 0 340 0\n(ULOC) 192\n-------------------------------------------------------------------------------\nProperties File 3 37 12 10 15 0\n(ULOC) 26\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 28 3 0 25 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 90 15473 2441 665 12367 747\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 7420\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $378,854\nEstimated Schedule Effort (organic) 9.51 months\nEstimated People Required (organic) 3.54\n───────────────────────────────────────────────────────────────────────────────\nProcessed 835393 bytes, 0.835 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:33:50Z", + "date": "2025-01-19T14:35:28Z", "repo": { "name": "github.com/measureauthoringtool/mat_automation_selenium", "commit": "d6f23fb8176999702bed251527baf7a44c71e6d5" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.5, "checks": [ @@ -206,7 +206,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -216,7 +216,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -226,7 +226,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -236,7 +236,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -246,7 +246,7 @@ "reason": "Found 2/6 approved changesets -- score normalized to 3", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -256,7 +256,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -266,7 +266,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -276,7 +276,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -286,7 +286,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -296,7 +296,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -306,7 +306,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -316,7 +316,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -326,7 +326,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -336,7 +336,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -346,7 +346,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -356,7 +356,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -366,7 +366,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -376,7 +376,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/mat_framework_for_vsac/mat_framework_for_vsac_data.json b/app/site/_data/measureauthoringtool/mat_framework_for_vsac/mat_framework_for_vsac_data.json index 7a1031ff01..658165d4a4 100644 --- a/app/site/_data/measureauthoringtool/mat_framework_for_vsac/mat_framework_for_vsac_data.json +++ b/app/site/_data/measureauthoringtool/mat_framework_for_vsac/mat_framework_for_vsac_data.json @@ -127,14 +127,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 11 929 113 154 662 16\n(ULOC) 479\n-------------------------------------------------------------------------------\nXML 7 514 16 114 384 0\n(ULOC) 133\n-------------------------------------------------------------------------------\nJavaServer Pages 1 13 1 0 12 0\n(ULOC) 13\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nYAML 1 28 3 0 25 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 21 1605 145 268 1192 16\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 756\nDRYness % 0.47\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $32,485\nEstimated Schedule Effort (organic) 3.74 months\nEstimated People Required (organic) 0.77\n───────────────────────────────────────────────────────────────────────────────\nProcessed 55835 bytes, 0.056 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:43Z", + "date": "2025-01-19T14:33:14Z", "repo": { "name": "github.com/measureauthoringtool/mat_framework_for_vsac", "commit": "e89ccb32e36a75c85583564742f72aa674a6e2f1" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.5, "checks": [ @@ -144,7 +144,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -154,7 +154,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -164,7 +164,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -174,7 +174,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -184,7 +184,7 @@ "reason": "Found 3/7 approved changesets -- score normalized to 4", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -194,7 +194,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -204,7 +204,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -214,7 +214,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -224,7 +224,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -234,7 +234,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -244,7 +244,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -254,7 +254,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -264,7 +264,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -274,7 +274,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -284,7 +284,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -294,7 +294,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -304,7 +304,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -314,7 +314,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measure-authoring-tool-frontend/measure-authoring-tool-frontend_data.json b/app/site/_data/measureauthoringtool/measure-authoring-tool-frontend/measure-authoring-tool-frontend_data.json index b13a9dd1af..74aa7019d1 100644 --- a/app/site/_data/measureauthoringtool/measure-authoring-tool-frontend/measure-authoring-tool-frontend_data.json +++ b/app/site/_data/measureauthoringtool/measure-authoring-tool-frontend/measure-authoring-tool-frontend_data.json @@ -327,16 +327,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJavaScript 123 6661 666 166 5829 101\n(ULOC) 3183\n-------------------------------------------------------------------------------\nMarkdown 57 679 299 0 380 0\n(ULOC) 226\n-------------------------------------------------------------------------------\nSVG 21 214 0 12 202 0\n(ULOC) 118\n-------------------------------------------------------------------------------\nJSON 3 101 0 0 101 0\n(ULOC) 93\n-------------------------------------------------------------------------------\nSass 2 151 23 1 127 0\n(ULOC) 98\n-------------------------------------------------------------------------------\nHTML 1 41 0 23 18 0\n(ULOC) 35\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n───────────────────────────────────────────────────────────────────────────────\nTotal 208 7968 1000 202 6766 101\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3849\nDRYness % 0.48\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $201,114\nEstimated Schedule Effort (organic) 7.48 months\nEstimated People Required (organic) 2.39\n───────────────────────────────────────────────────────────────────────────────\nProcessed 245643 bytes, 0.246 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:21Z", + "date": "2025-01-19T14:33:51Z", "repo": { "name": "github.com/measureauthoringtool/measure-authoring-tool-frontend", "commit": "b253f6fffb82ec57a9a0ae2a9bdb1b62bffcd5d7" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 2, + "score": 2.0, "checks": [ { "details": null, @@ -344,7 +344,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -354,7 +354,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -364,7 +364,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -374,7 +374,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -384,7 +384,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -394,7 +394,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -404,7 +404,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -414,7 +414,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -424,7 +424,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -434,7 +434,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -444,7 +444,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -454,7 +454,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -464,7 +464,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -474,7 +474,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -484,7 +484,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -494,7 +494,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -504,17 +504,17 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, "score": 0, - "reason": "144 existing vulnerabilities detected", + "reason": "145 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measure-authoring-tool-server/measure-authoring-tool-server_data.json b/app/site/_data/measureauthoringtool/measure-authoring-tool-server/measure-authoring-tool-server_data.json index 30148e54b3..a65f755a7b 100644 --- a/app/site/_data/measureauthoringtool/measure-authoring-tool-server/measure-authoring-tool-server_data.json +++ b/app/site/_data/measureauthoringtool/measure-authoring-tool-server/measure-authoring-tool-server_data.json @@ -249,14 +249,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 596 112026 16001 24053 71972 10243\n(ULOC) 41425\n-------------------------------------------------------------------------------\nXML 322 13784 2021 450 11313 0\n(ULOC) 6323\n-------------------------------------------------------------------------------\nFreemarker Template 26 1313 193 13 1107 59\n(ULOC) 684\n-------------------------------------------------------------------------------\nXML Schema 21 15314 86 0 15228 0\n(ULOC) 4366\n-------------------------------------------------------------------------------\nExtensible Styleshe… 20 21349 1164 0 20185 0\n(ULOC) 7577\n-------------------------------------------------------------------------------\nProperties File 4 62 15 9 38 0\n(ULOC) 48\n-------------------------------------------------------------------------------\nHTML 3 137 0 1 136 0\n(ULOC) 71\n-------------------------------------------------------------------------------\nCSS 2 80 14 0 66 0\n(ULOC) 47\n-------------------------------------------------------------------------------\nSQL 2 62 9 0 53 0\n(ULOC) 46\n-------------------------------------------------------------------------------\nBatch 1 161 32 0 129 22\n(ULOC) 115\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 54 14 0 40 0\n(ULOC) 36\n-------------------------------------------------------------------------------\nShell 1 286 26 55 205 34\n(ULOC) 198\n───────────────────────────────────────────────────────────────────────────────\nTotal 1000 164749 19587 24581 120581 10358\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 60918\nDRYness % 0.37\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $4,139,407\nEstimated Schedule Effort (organic) 23.60 months\nEstimated People Required (organic) 15.58\n───────────────────────────────────────────────────────────────────────────────\nProcessed 6386261 bytes, 6.386 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:35Z", + "date": "2025-01-19T14:34:09Z", "repo": { "name": "github.com/measureauthoringtool/measure-authoring-tool-server", "commit": "ab0c9e55fd4050b1cfb6715e3605abb3c69befd7" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.9, "checks": [ @@ -266,7 +266,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -276,7 +276,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -286,7 +286,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -296,7 +296,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -306,7 +306,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -316,7 +316,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -326,7 +326,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -336,7 +336,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -346,7 +346,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -356,7 +356,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -366,7 +366,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -376,7 +376,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -386,7 +386,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -396,7 +396,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -406,7 +406,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -416,7 +416,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -426,7 +426,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -436,7 +436,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measure-service/measure-service_data.json b/app/site/_data/measureauthoringtool/measure-service/measure-service_data.json index fa5551ebd0..1f9a56fb57 100644 --- a/app/site/_data/measureauthoringtool/measure-service/measure-service_data.json +++ b/app/site/_data/measureauthoringtool/measure-service/measure-service_data.json @@ -287,14 +287,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 259 38398 4555 840 33003 1229\n(ULOC) 13571\n-------------------------------------------------------------------------------\nJSON 18 11466 5 0 11461 0\n(ULOC) 3259\n-------------------------------------------------------------------------------\nYAML 9 216 31 3 182 0\n(ULOC) 165\n-------------------------------------------------------------------------------\nXML 4 632 34 29 569 0\n(ULOC) 386\n-------------------------------------------------------------------------------\nMarkdown 2 57 19 0 38 0\n(ULOC) 34\n-------------------------------------------------------------------------------\nPlain Text 2 48 16 0 32 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nBatch 1 182 35 0 147 30\n(ULOC) 128\n-------------------------------------------------------------------------------\nDockerfile 1 21 7 6 8 1\n(ULOC) 15\n-------------------------------------------------------------------------------\nJavaScript 1 27 7 0 20 0\n(ULOC) 16\n-------------------------------------------------------------------------------\nProperties File 1 2 0 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nShell 1 310 26 54 230 34\n(ULOC) 212\n-------------------------------------------------------------------------------\nTOML 1 4 0 0 4 0\n(ULOC) 4\n───────────────────────────────────────────────────────────────────────────────\nTotal 300 51363 4735 932 45696 1294\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 17789\nDRYness % 0.35\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,494,401\nEstimated Schedule Effort (organic) 16.02 months\nEstimated People Required (organic) 8.29\n───────────────────────────────────────────────────────────────────────────────\nProcessed 5276978 bytes, 5.277 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:37:52Z", + "date": "2025-01-19T14:39:49Z", "repo": { "name": "github.com/measureauthoringtool/measure-service", - "commit": "03534e55b3d830b69c050053555d8e9287dd3a7e" + "commit": "3a68b984a2a0feeacc1dc5cedf65172c9e564031" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.4, "checks": [ @@ -304,7 +304,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -314,17 +314,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 10, - "reason": "11 out of 11 merged PRs checked by a CI test -- score normalized to 10", + "reason": "6 out of 6 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -334,7 +334,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -344,7 +344,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -354,7 +354,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -364,7 +364,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -374,7 +374,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -384,7 +384,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -394,7 +394,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -404,7 +404,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -414,7 +414,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -424,7 +424,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -434,7 +434,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -444,7 +444,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -454,7 +454,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -464,7 +464,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -474,7 +474,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measure-transfer-lambda/measure-transfer-lambda_data.json b/app/site/_data/measureauthoringtool/measure-transfer-lambda/measure-transfer-lambda_data.json index 258d02bc5f..056988a77b 100644 --- a/app/site/_data/measureauthoringtool/measure-transfer-lambda/measure-transfer-lambda_data.json +++ b/app/site/_data/measureauthoringtool/measure-transfer-lambda/measure-transfer-lambda_data.json @@ -303,14 +303,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 20 1738 146 66 1526 197\n(ULOC) 1180\n-------------------------------------------------------------------------------\nJSON 17 1751 0 0 1751 0\n(ULOC) 432\n-------------------------------------------------------------------------------\nMarkdown 2 90 27 0 63 0\n(ULOC) 56\n-------------------------------------------------------------------------------\nYAML 2 66 12 2 52 0\n(ULOC) 51\n-------------------------------------------------------------------------------\nCloudFormation (YAM… 1 53 6 2 45 2\n(ULOC) 47\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nTOML 1 13 0 0 13 0\n(ULOC) 14\n───────────────────────────────────────────────────────────────────────────────\nTotal 44 3832 203 70 3559 199\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1875\nDRYness % 0.49\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $102,444\nEstimated Schedule Effort (organic) 5.79 months\nEstimated People Required (organic) 1.57\n───────────────────────────────────────────────────────────────────────────────\nProcessed 280398 bytes, 0.280 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:39:54Z", + "date": "2025-01-19T14:41:54Z", "repo": { "name": "github.com/measureauthoringtool/measure-transfer-lambda", "commit": "32d0b200355fbee05e547df58ff431346bcd8266" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.8, "checks": [ @@ -320,7 +320,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -330,7 +330,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -340,7 +340,7 @@ "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -350,7 +350,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -360,7 +360,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -370,7 +370,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -380,7 +380,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -390,7 +390,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -400,7 +400,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -410,7 +410,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -420,7 +420,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -430,7 +430,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -440,7 +440,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -450,7 +450,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -460,7 +460,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -470,7 +470,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -480,7 +480,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -490,7 +490,7 @@ "reason": "4 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measureauthoringtool/measureauthoringtool_data.json b/app/site/_data/measureauthoringtool/measureauthoringtool/measureauthoringtool_data.json index 495a1fa142..eace6482c0 100644 --- a/app/site/_data/measureauthoringtool/measureauthoringtool/measureauthoringtool_data.json +++ b/app/site/_data/measureauthoringtool/measureauthoringtool/measureauthoringtool_data.json @@ -381,14 +381,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 1398 255059 37510 41853 175696 20734\n(ULOC) 104388\n-------------------------------------------------------------------------------\nJavaScript 355 362803 30512 17511 314780 50701\n(ULOC) 103211\n-------------------------------------------------------------------------------\nJSON 68 5576 4 0 5572 0\n(ULOC) 910\n-------------------------------------------------------------------------------\nProperties File 60 24593 1575 1955 21063 0\n(ULOC) 17560\n-------------------------------------------------------------------------------\nXML 58 8008 479 416 7113 0\n(ULOC) 4106\n-------------------------------------------------------------------------------\nSass 54 9461 1326 636 7499 13\n(ULOC) 4198\n-------------------------------------------------------------------------------\nFreemarker Template 37 1690 160 13 1517 97\n(ULOC) 891\n-------------------------------------------------------------------------------\nXML Schema 21 15314 86 0 15228 0\n(ULOC) 4437\n-------------------------------------------------------------------------------\nExtensible Styleshe… 19 20454 1105 0 19349 0\n(ULOC) 7607\n-------------------------------------------------------------------------------\nCSS 11 14465 2208 541 11716 0\n(ULOC) 5850\n-------------------------------------------------------------------------------\nSVG 5 3813 1 1 3811 0\n(ULOC) 3064\n-------------------------------------------------------------------------------\nHTML 4 614 54 50 510 0\n(ULOC) 371\n-------------------------------------------------------------------------------\nMarkdown 3 295 65 0 230 0\n(ULOC) 222\n-------------------------------------------------------------------------------\nPlain Text 3 69 4 0 65 0\n(ULOC) 40\n-------------------------------------------------------------------------------\nYAML 3 66 9 2 55 0\n(ULOC) 53\n-------------------------------------------------------------------------------\nJavaServer Pages 2 49 2 0 47 0\n(ULOC) 28\n-------------------------------------------------------------------------------\nDocker ignore 1 8 0 0 8 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nDockerfile 1 20 5 0 15 7\n(ULOC) 16\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nSQL 1 3104 352 519 2233 0\n(ULOC) 1617\n-------------------------------------------------------------------------------\nShell 1 12 3 2 7 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 2106 725594 75472 63499 586623 71552\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 257954\nDRYness % 0.36\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $21,795,777\nEstimated Schedule Effort (organic) 44.36 months\nEstimated People Required (organic) 43.65\n───────────────────────────────────────────────────────────────────────────────\nProcessed 44222592 bytes, 44.223 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:55Z", + "date": "2025-01-19T14:34:30Z", "repo": { "name": "github.com/measureauthoringtool/measureauthoringtool", "commit": "2d94c35db264231549d306968d7cd7f469b0ea5c" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.8, "checks": [ @@ -398,7 +398,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -408,7 +408,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -418,7 +418,7 @@ "reason": "4 out of 9 merged PRs checked by a CI test -- score normalized to 4", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -428,7 +428,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -438,7 +438,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -448,7 +448,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -458,7 +458,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -468,7 +468,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -478,7 +478,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -488,7 +488,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -498,7 +498,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -508,7 +508,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -518,7 +518,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -528,7 +528,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -538,7 +538,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -548,7 +548,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -558,7 +558,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -568,7 +568,7 @@ "reason": "18 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measureauthoringtool_latestsprint/measureauthoringtool_latestsprint_data.json b/app/site/_data/measureauthoringtool/measureauthoringtool_latestsprint/measureauthoringtool_latestsprint_data.json index 7e3880b1c7..523608568b 100644 --- a/app/site/_data/measureauthoringtool/measureauthoringtool_latestsprint/measureauthoringtool_latestsprint_data.json +++ b/app/site/_data/measureauthoringtool/measureauthoringtool_latestsprint/measureauthoringtool_latestsprint_data.json @@ -277,14 +277,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 1188 235853 34762 44073 157018 18808\n(ULOC) 87001\n-------------------------------------------------------------------------------\nXML 367 18382 2503 753 15126 0\n(ULOC) 8621\n-------------------------------------------------------------------------------\nJavaScript 305 231032 14448 256 216328 37826\n(ULOC) 63468\n-------------------------------------------------------------------------------\nFreemarker Template 27 1332 191 13 1128 61\n(ULOC) 686\n-------------------------------------------------------------------------------\nExtensible Styleshe… 21 22266 1226 0 21040 0\n(ULOC) 7585\n-------------------------------------------------------------------------------\nXML Schema 21 15314 86 0 15228 0\n(ULOC) 4366\n-------------------------------------------------------------------------------\nCSS 6 12577 1799 286 10492 0\n(ULOC) 4251\n-------------------------------------------------------------------------------\nHTML 3 218 17 53 148 0\n(ULOC) 93\n-------------------------------------------------------------------------------\nMarkdown 3 186 32 0 154 0\n(ULOC) 145\n-------------------------------------------------------------------------------\nProperties File 3 71 24 16 31 0\n(ULOC) 46\n-------------------------------------------------------------------------------\nSQL 2 1836 256 376 1204 0\n(ULOC) 838\n-------------------------------------------------------------------------------\nJSON 1 3314 4 0 3310 0\n(ULOC) 236\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 1949 542503 55360 45826 441317 56695\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 177170\nDRYness % 0.33\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $16,165,290\nEstimated Schedule Effort (organic) 39.60 months\nEstimated People Required (organic) 36.27\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25898794 bytes, 25.899 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:35Z", + "date": "2025-01-19T14:33:05Z", "repo": { "name": "github.com/measureauthoringtool/measureauthoringtool_latestsprint", "commit": "71bf83060239e1c6e99a041c43b351e7ed6b4815" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.3, "checks": [ @@ -294,7 +294,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -304,7 +304,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -314,7 +314,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -324,7 +324,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -334,7 +334,7 @@ "reason": "Found 1/28 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -344,7 +344,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -354,7 +354,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -364,7 +364,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -374,7 +374,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -384,7 +384,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -394,7 +394,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -404,7 +404,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -414,7 +414,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -424,7 +424,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -434,7 +434,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -444,7 +444,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -454,7 +454,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -464,7 +464,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/measureauthoringtool_release/measureauthoringtool_release_data.json b/app/site/_data/measureauthoringtool/measureauthoringtool_release/measureauthoringtool_release_data.json index 49c340c890..306cf0c4ca 100644 --- a/app/site/_data/measureauthoringtool/measureauthoringtool_release/measureauthoringtool_release_data.json +++ b/app/site/_data/measureauthoringtool/measureauthoringtool_release/measureauthoringtool_release_data.json @@ -286,14 +286,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 1189 235945 34775 44091 157079 18816\n(ULOC) 87061\n-------------------------------------------------------------------------------\nXML 367 18382 2503 753 15126 0\n(ULOC) 8627\n-------------------------------------------------------------------------------\nJavaScript 305 231032 14448 256 216328 37826\n(ULOC) 63468\n-------------------------------------------------------------------------------\nFreemarker Template 27 1332 191 13 1128 61\n(ULOC) 686\n-------------------------------------------------------------------------------\nExtensible Styleshe… 21 22266 1226 0 21040 0\n(ULOC) 7585\n-------------------------------------------------------------------------------\nXML Schema 21 15314 86 0 15228 0\n(ULOC) 4366\n-------------------------------------------------------------------------------\nCSS 6 12577 1799 286 10492 0\n(ULOC) 4251\n-------------------------------------------------------------------------------\nHTML 3 218 17 53 148 0\n(ULOC) 93\n-------------------------------------------------------------------------------\nMarkdown 3 188 32 0 156 0\n(ULOC) 147\n-------------------------------------------------------------------------------\nProperties File 3 71 24 16 31 0\n(ULOC) 46\n-------------------------------------------------------------------------------\nSQL 2 1836 256 376 1204 0\n(ULOC) 838\n-------------------------------------------------------------------------------\nJSON 1 3314 4 0 3310 0\n(ULOC) 236\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 2\n───────────────────────────────────────────────────────────────────────────────\nTotal 1950 542597 55373 45844 441380 56703\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 177239\nDRYness % 0.33\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $16,167,713\nEstimated Schedule Effort (organic) 39.60 months\nEstimated People Required (organic) 36.27\n───────────────────────────────────────────────────────────────────────────────\nProcessed 25902428 bytes, 25.902 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:26Z", + "date": "2025-01-19T14:32:55Z", "repo": { "name": "github.com/measureauthoringtool/measureauthoringtool_release", "commit": "cb4c0a04c4ffa7ef8fdd46701e2d999a3910b55e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.2, "checks": [ @@ -303,7 +303,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -313,7 +313,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -323,7 +323,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -333,7 +333,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -343,7 +343,7 @@ "reason": "Found 1/28 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -353,7 +353,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -363,7 +363,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -373,7 +373,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -383,7 +383,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -393,7 +393,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -403,7 +403,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -413,7 +413,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -423,7 +423,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -433,7 +433,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -443,7 +443,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -453,7 +453,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -463,7 +463,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -473,7 +473,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/model-info-parser/model-info-parser_data.json b/app/site/_data/measureauthoringtool/model-info-parser/model-info-parser_data.json index e1d4f375d9..9daf21271d 100644 --- a/app/site/_data/measureauthoringtool/model-info-parser/model-info-parser_data.json +++ b/app/site/_data/measureauthoringtool/model-info-parser/model-info-parser_data.json @@ -318,14 +318,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 288 14430 2025 673 11732 1095\n(ULOC) 6800\n-------------------------------------------------------------------------------\nXML 5 21811 35 4 21772 0\n(ULOC) 6253\n-------------------------------------------------------------------------------\nYAML 3 169 27 9 133 0\n(ULOC) 99\n-------------------------------------------------------------------------------\nJSON 2 98 0 0 98 0\n(ULOC) 90\n-------------------------------------------------------------------------------\nJavaScript 2 63 0 1 62 0\n(ULOC) 53\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 7 2 0 5 0\n(ULOC) 6\n───────────────────────────────────────────────────────────────────────────────\nTotal 302 36699 2101 687 33911 1095\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 13380\nDRYness % 0.36\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $1,092,579\nEstimated Schedule Effort (organic) 14.22 months\nEstimated People Required (organic) 6.82\n───────────────────────────────────────────────────────────────────────────────\nProcessed 1882285 bytes, 1.882 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:34:35Z", + "date": "2025-01-19T14:36:14Z", "repo": { "name": "github.com/measureauthoringtool/model-info-parser", "commit": "e768780ff0d95f085f6b0b4cac6dbe4175758de1" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.1, "checks": [ @@ -335,7 +335,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -345,7 +345,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -355,7 +355,7 @@ "reason": "0 out of 18 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -365,7 +365,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -375,7 +375,7 @@ "reason": "Found no human activity in the last 18 changesets", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -385,7 +385,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -395,7 +395,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -405,7 +405,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -415,7 +415,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -425,7 +425,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -435,7 +435,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -445,7 +445,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -455,7 +455,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 2", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -465,7 +465,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -475,7 +475,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -485,7 +485,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -495,7 +495,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -505,7 +505,7 @@ "reason": "18 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/package-service/package-service_data.json b/app/site/_data/measureauthoringtool/package-service/package-service_data.json index 2def973189..e147af0d07 100644 --- a/app/site/_data/measureauthoringtool/package-service/package-service_data.json +++ b/app/site/_data/measureauthoringtool/package-service/package-service_data.json @@ -154,14 +154,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 7 176 27 0 149 1\n(ULOC) 118\n-------------------------------------------------------------------------------\nXML 3 278 23 17 238 0\n(ULOC) 210\n-------------------------------------------------------------------------------\nYAML 3 78 11 3 64 0\n(ULOC) 60\n-------------------------------------------------------------------------------\nMarkdown 2 28 8 0 20 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nBatch 1 188 35 0 153 27\n(ULOC) 134\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 1 316 27 54 235 35\n(ULOC) 216\n───────────────────────────────────────────────────────────────────────────────\nTotal 18 1185 143 74 968 63\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 862\nDRYness % 0.73\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $26,107\nEstimated Schedule Effort (organic) 3.44 months\nEstimated People Required (organic) 0.67\n───────────────────────────────────────────────────────────────────────────────\nProcessed 43133 bytes, 0.043 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:26Z", + "date": "2025-01-19T14:43:25Z", "repo": { "name": "github.com/measureauthoringtool/package-service", "commit": "81e11762c58d40a5732793f1233a704f320c9c9f" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.1, "checks": [ @@ -171,7 +171,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -181,7 +181,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -191,7 +191,7 @@ "reason": "0 out of 2 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -201,7 +201,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -211,7 +211,7 @@ "reason": "Found 1/4 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -221,7 +221,7 @@ "reason": "project has 1 contributing companies or organizations -- score normalized to 3", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -231,7 +231,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -241,7 +241,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -251,7 +251,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -261,7 +261,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -271,7 +271,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -281,7 +281,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -291,7 +291,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -301,7 +301,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -311,7 +311,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -321,7 +321,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -331,7 +331,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -341,7 +341,7 @@ "reason": "37 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/packaging-utility/packaging-utility_data.json b/app/site/_data/measureauthoringtool/packaging-utility/packaging-utility_data.json index 55b760def5..5634ebf4ec 100644 --- a/app/site/_data/measureauthoringtool/packaging-utility/packaging-utility_data.json +++ b/app/site/_data/measureauthoringtool/packaging-utility/packaging-utility_data.json @@ -164,16 +164,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 12 993 128 29 836 34\n(ULOC) 579\n-------------------------------------------------------------------------------\nXML 3 281 14 5 262 0\n(ULOC) 196\n-------------------------------------------------------------------------------\nYAML 3 117 15 3 99 0\n(ULOC) 73\n-------------------------------------------------------------------------------\nJSON 1 237 0 0 237 0\n(ULOC) 146\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 26 7 0 19 0\n(ULOC) 20\n───────────────────────────────────────────────────────────────────────────────\nTotal 21 1775 176 37 1562 34\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1115\nDRYness % 0.63\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $43,147\nEstimated Schedule Effort (organic) 4.17 months\nEstimated People Required (organic) 0.92\n───────────────────────────────────────────────────────────────────────────────\nProcessed 109491 bytes, 0.109 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:41Z", + "date": "2025-01-19T14:43:42Z", "repo": { "name": "github.com/measureauthoringtool/packaging-utility", - "commit": "59ec7098ce1f1bc9ad7f0cae1ceaa9ebaea35852" + "commit": "fcb3a9bca5a6da05f0c1499964067ddc52b1288f" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 5.6, + "score": 5.7, "checks": [ { "details": null, @@ -181,7 +181,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -191,17 +191,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, - "score": 7, - "reason": "11 out of 15 merged PRs checked by a CI test -- score normalized to 7", + "score": 10, + "reason": "13 out of 13 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -211,7 +211,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -221,7 +221,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -231,7 +231,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -241,7 +241,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -251,7 +251,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -261,7 +261,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -271,17 +271,17 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, - "score": 9, - "reason": "11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9", + "score": 10, + "reason": "18 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -291,7 +291,7 @@ "reason": "packaging workflow detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -301,7 +301,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -311,7 +311,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -321,7 +321,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -331,7 +331,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -341,7 +341,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -351,7 +351,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/qdm-qicore-conversion/qdm-qicore-conversion_data.json b/app/site/_data/measureauthoringtool/qdm-qicore-conversion/qdm-qicore-conversion_data.json index a1bf452b0d..d94fec3a6f 100644 --- a/app/site/_data/measureauthoringtool/qdm-qicore-conversion/qdm-qicore-conversion_data.json +++ b/app/site/_data/measureauthoringtool/qdm-qicore-conversion/qdm-qicore-conversion_data.json @@ -228,16 +228,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 637 57412 10604 5434 41374 3178\n(ULOC) 22598\n-------------------------------------------------------------------------------\nJSON 57 141032 0 0 141032 0\n(ULOC) 16485\n-------------------------------------------------------------------------------\nXML 42 11710 349 167 11194 0\n(ULOC) 6308\n-------------------------------------------------------------------------------\nYAML 19 639 83 0 556 0\n(ULOC) 277\n-------------------------------------------------------------------------------\nDockerfile 4 44 11 0 33 10\n(ULOC) 16\n-------------------------------------------------------------------------------\nCSS 3 336 48 28 260 0\n(ULOC) 209\n-------------------------------------------------------------------------------\nJavaScript 3 704 74 43 587 127\n(ULOC) 481\n-------------------------------------------------------------------------------\nLicense 2 242 24 0 218 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nShell 2 43 5 20 18 1\n(ULOC) 36\n-------------------------------------------------------------------------------\nMarkdown 1 106 17 0 89 0\n(ULOC) 73\n-------------------------------------------------------------------------------\nProperties File 1 1 0 0 1 0\n(ULOC) 1\n───────────────────────────────────────────────────────────────────────────────\nTotal 771 212269 11215 5692 195362 3316\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 46529\nDRYness % 0.22\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $6,870,327\nEstimated Schedule Effort (organic) 28.61 months\nEstimated People Required (organic) 21.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 19542405 bytes, 19.542 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:33:14Z", + "date": "2025-01-19T14:34:48Z", "repo": { "name": "github.com/measureauthoringtool/qdm-qicore-conversion", "commit": "f04c05e452598a2a71bf4683ea5c068131c9503c" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 4, + "score": 4.0, "checks": [ { "details": null, @@ -245,7 +245,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -255,7 +255,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -265,7 +265,7 @@ "reason": "3 out of 10 merged PRs checked by a CI test -- score normalized to 3", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -275,7 +275,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -285,7 +285,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -295,7 +295,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -305,7 +305,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -315,7 +315,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -325,7 +325,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -335,7 +335,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -345,7 +345,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -355,7 +355,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -365,7 +365,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -375,7 +375,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -385,7 +385,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -395,7 +395,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -405,7 +405,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -415,7 +415,7 @@ "reason": "69 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/qrda-export-service/qrda-export-service_data.json b/app/site/_data/measureauthoringtool/qrda-export-service/qrda-export-service_data.json index 936f1fa3cf..5edbea4ec1 100644 --- a/app/site/_data/measureauthoringtool/qrda-export-service/qrda-export-service_data.json +++ b/app/site/_data/measureauthoringtool/qrda-export-service/qrda-export-service_data.json @@ -209,14 +209,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nYAML 4 109 13 7 89 0\n(ULOC) 83\n-------------------------------------------------------------------------------\nMarkdown 2 27 7 0 20 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nRuby 2 354 35 32 287 10\n(ULOC) 291\n-------------------------------------------------------------------------------\nDockerfile 1 27 8 6 13 3\n(ULOC) 20\n-------------------------------------------------------------------------------\nGemfile 1 17 3 0 14 0\n(ULOC) 15\n-------------------------------------------------------------------------------\nJavaScript 1 26 6 0 20 0\n(ULOC) 15\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nRakefile 1 5 1 0 4 0\n(ULOC) 5\n-------------------------------------------------------------------------------\nRuby HTML 1 215 2 0 213 21\n(ULOC) 158\n───────────────────────────────────────────────────────────────────────────────\nTotal 14 901 87 45 769 34\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 707\nDRYness % 0.78\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $20,503\nEstimated Schedule Effort (organic) 3.14 months\nEstimated People Required (organic) 0.58\n───────────────────────────────────────────────────────────────────────────────\nProcessed 31774 bytes, 0.032 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:42:26Z", + "date": "2025-01-19T14:44:23Z", "repo": { "name": "github.com/measureauthoringtool/qrda-export-service", "commit": "f456a91a606092dc0fccb9e7233ffa76d011bb7e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 4.4, "checks": [ @@ -226,7 +226,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -236,7 +236,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -246,7 +246,7 @@ "reason": "10 out of 10 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -256,7 +256,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -266,7 +266,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -276,7 +276,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -286,7 +286,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -296,7 +296,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -306,7 +306,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -316,7 +316,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -326,7 +326,7 @@ "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -336,7 +336,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -346,7 +346,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -356,7 +356,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -366,7 +366,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -376,7 +376,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -386,7 +386,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -396,7 +396,7 @@ "reason": "3 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/serviceutil/serviceutil_data.json b/app/site/_data/measureauthoringtool/serviceutil/serviceutil_data.json index ef837dd863..99518f0dbd 100644 --- a/app/site/_data/measureauthoringtool/serviceutil/serviceutil_data.json +++ b/app/site/_data/measureauthoringtool/serviceutil/serviceutil_data.json @@ -108,14 +108,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 4 155 44 4 107 6\n(ULOC) 84\n-------------------------------------------------------------------------------\nMarkdown 2 27 7 0 20 0\n(ULOC) 21\n-------------------------------------------------------------------------------\nXML 2 168 12 4 152 0\n(ULOC) 127\n-------------------------------------------------------------------------------\nYAML 2 79 10 2 67 0\n(ULOC) 51\n───────────────────────────────────────────────────────────────────────────────\nTotal 10 429 73 10 346 6\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 280\nDRYness % 0.65\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $8,863\nEstimated Schedule Effort (organic) 2.28 months\nEstimated People Required (organic) 0.34\n───────────────────────────────────────────────────────────────────────────────\nProcessed 13483 bytes, 0.013 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:36Z", + "date": "2025-01-19T14:43:36Z", "repo": { "name": "github.com/measureauthoringtool/serviceutil", "commit": "c37182aa424dd1bcf869e59c78b6ffefb784361c" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.9, "checks": [ @@ -125,7 +125,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -135,7 +135,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -145,7 +145,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -155,7 +155,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -165,7 +165,7 @@ "reason": "Found 1/4 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -175,7 +175,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -185,7 +185,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -195,7 +195,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -205,7 +205,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -215,7 +215,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -225,7 +225,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -235,7 +235,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -245,7 +245,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -255,7 +255,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -265,7 +265,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -275,7 +275,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -285,7 +285,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -295,7 +295,7 @@ "reason": "8 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/styleguide/styleguide_data.json b/app/site/_data/measureauthoringtool/styleguide/styleguide_data.json index e87c6e1b57..59803c2048 100644 --- a/app/site/_data/measureauthoringtool/styleguide/styleguide_data.json +++ b/app/site/_data/measureauthoringtool/styleguide/styleguide_data.json @@ -76,14 +76,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 2 0 0 2 0\n(ULOC) 3\n───────────────────────────────────────────────────────────────────────────────\nTotal 2 123 12 0 111 0\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 112\nDRYness % 0.91\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $2,686\nEstimated Schedule Effort (organic) 1.45 months\nEstimated People Required (organic) 0.16\n───────────────────────────────────────────────────────────────────────────────\nProcessed 7095 bytes, 0.007 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:36:12Z", + "date": "2025-01-19T14:38:04Z", "repo": { "name": "github.com/measureauthoringtool/styleguide", "commit": "7611d5f4c8355998164b036c906d8922dba1ec3d" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 3.7, "checks": [ @@ -93,7 +93,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -103,7 +103,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -113,7 +113,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -123,7 +123,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -133,7 +133,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -143,7 +143,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -153,7 +153,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -163,7 +163,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -173,7 +173,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -183,7 +183,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -193,7 +193,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -203,7 +203,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -213,7 +213,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -223,7 +223,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -233,7 +233,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -243,7 +243,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -253,7 +253,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -263,7 +263,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/terminology-service/terminology-service_data.json b/app/site/_data/measureauthoringtool/terminology-service/terminology-service_data.json index ca5ce4d2dc..2559dfa471 100644 --- a/app/site/_data/measureauthoringtool/terminology-service/terminology-service_data.json +++ b/app/site/_data/measureauthoringtool/terminology-service/terminology-service_data.json @@ -205,14 +205,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 46 5290 590 118 4582 173\n(ULOC) 2738\n-------------------------------------------------------------------------------\nYAML 7 172 25 3 144 0\n(ULOC) 130\n-------------------------------------------------------------------------------\nXML 5 530 40 20 470 0\n(ULOC) 350\n-------------------------------------------------------------------------------\nJSON 3 232 0 0 232 0\n(ULOC) 109\n-------------------------------------------------------------------------------\nMarkdown 2 67 18 0 49 0\n(ULOC) 40\n-------------------------------------------------------------------------------\nDockerfile 1 20 5 6 9 1\n(ULOC) 16\n-------------------------------------------------------------------------------\nJavaScript 1 27 7 0 20 0\n(ULOC) 16\n-------------------------------------------------------------------------------\nXML Schema 1 41 0 0 41 0\n(ULOC) 41\n───────────────────────────────────────────────────────────────────────────────\nTotal 66 6379 685 147 5547 174\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 3429\nDRYness % 0.54\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $163,251\nEstimated Schedule Effort (organic) 6.91 months\nEstimated People Required (organic) 2.10\n───────────────────────────────────────────────────────────────────────────────\nProcessed 264719 bytes, 0.265 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:41:05Z", + "date": "2025-01-19T14:43:01Z", "repo": { "name": "github.com/measureauthoringtool/terminology-service", - "commit": "d25d0424be6f6b5eaf23be00acd96d8985c397e4" + "commit": "9846752d79d78c55baa4e90c0f5c6f26f3048f31" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 5.5, "checks": [ @@ -222,7 +222,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -232,17 +232,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, "score": 10, - "reason": "12 out of 12 merged PRs checked by a CI test -- score normalized to 10", + "reason": "11 out of 11 merged PRs checked by a CI test -- score normalized to 10", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -252,7 +252,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -262,7 +262,7 @@ "reason": "all changesets reviewed", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -272,7 +272,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -282,7 +282,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -292,7 +292,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -302,7 +302,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -312,7 +312,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -322,7 +322,7 @@ "reason": "30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -332,7 +332,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -342,7 +342,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -352,7 +352,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -362,7 +362,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -372,7 +372,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -382,7 +382,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -392,7 +392,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/test-case-service/test-case-service_data.json b/app/site/_data/measureauthoringtool/test-case-service/test-case-service_data.json index 85262599ff..c144ea2fcd 100644 --- a/app/site/_data/measureauthoringtool/test-case-service/test-case-service_data.json +++ b/app/site/_data/measureauthoringtool/test-case-service/test-case-service_data.json @@ -169,14 +169,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 9 370 61 31 278 9\n(ULOC) 253\n-------------------------------------------------------------------------------\nYAML 7 150 25 3 122 0\n(ULOC) 108\n-------------------------------------------------------------------------------\nXML 4 347 26 18 303 0\n(ULOC) 236\n-------------------------------------------------------------------------------\nBatch 1 182 35 0 147 30\n(ULOC) 128\n-------------------------------------------------------------------------------\nDockerfile 1 12 3 3 6 0\n(ULOC) 10\n-------------------------------------------------------------------------------\nMarkdown 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nProperties File 1 2 0 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nShell 1 310 26 54 230 34\n(ULOC) 212\n───────────────────────────────────────────────────────────────────────────────\nTotal 25 1374 176 109 1089 73\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 944\nDRYness % 0.69\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $29,544\nEstimated Schedule Effort (organic) 3.61 months\nEstimated People Required (organic) 0.73\n───────────────────────────────────────────────────────────────────────────────\nProcessed 47027 bytes, 0.047 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:39:05Z", + "date": "2025-01-19T14:41:08Z", "repo": { "name": "github.com/measureauthoringtool/test-case-service", "commit": "9fc1c0e0bc515e4e01ff0071e08ce5c0a0b5d883" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.7, "checks": [ @@ -186,7 +186,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -196,7 +196,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -206,7 +206,7 @@ "reason": "0 out of 8 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -216,7 +216,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -226,7 +226,7 @@ "reason": "Found 5/15 approved changesets -- score normalized to 3", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -236,7 +236,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -246,7 +246,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -256,7 +256,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -266,7 +266,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -276,7 +276,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -286,7 +286,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -296,7 +296,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -306,7 +306,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -316,7 +316,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -326,7 +326,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -336,7 +336,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -346,7 +346,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -356,7 +356,7 @@ "reason": "49 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/virus-scan-service/virus-scan-service_data.json b/app/site/_data/measureauthoringtool/virus-scan-service/virus-scan-service_data.json index d19298e5b0..355210b1c4 100644 --- a/app/site/_data/measureauthoringtool/virus-scan-service/virus-scan-service_data.json +++ b/app/site/_data/measureauthoringtool/virus-scan-service/virus-scan-service_data.json @@ -482,16 +482,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nTypeScript 54 2854 316 243 2295 53\n(ULOC) 1526\n-------------------------------------------------------------------------------\nJSON 5 136 0 0 136 0\n(ULOC) 123\n-------------------------------------------------------------------------------\nYAML 4 212 34 8 170 0\n(ULOC) 143\n-------------------------------------------------------------------------------\nDocker ignore 1 7 0 0 7 0\n(ULOC) 8\n-------------------------------------------------------------------------------\nDockerfile 1 23 6 3 14 4\n(ULOC) 18\n-------------------------------------------------------------------------------\nJavaScript 1 23 0 0 23 0\n(ULOC) 22\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nMarkdown 1 40 13 0 27 0\n(ULOC) 24\n-------------------------------------------------------------------------------\nPlain Text 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nTypeScript Typings 1 26 5 0 21 0\n(ULOC) 20\n───────────────────────────────────────────────────────────────────────────────\nTotal 70 3443 386 254 2803 57\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 1978\nDRYness % 0.57\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $79,725\nEstimated Schedule Effort (organic) 5.26 months\nEstimated People Required (organic) 1.35\n───────────────────────────────────────────────────────────────────────────────\nProcessed 111583 bytes, 0.112 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:35:29Z", + "date": "2025-01-19T14:37:15Z", "repo": { "name": "github.com/measureauthoringtool/virus-scan-service", - "commit": "ffcc8448d139862aa76c449938791cb8206ac795" + "commit": "5cb00b64b007b5721ecdccebeddf991a41d338b4" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 5.7, + "score": 6.4, "checks": [ { "details": null, @@ -499,7 +499,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -509,17 +509,17 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, { "details": null, - "score": 6, - "reason": "6 out of 9 merged PRs checked by a CI test -- score normalized to 6", + "score": 9, + "reason": "9 out of 10 merged PRs checked by a CI test -- score normalized to 9", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -529,17 +529,17 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, { "details": null, "score": 8, - "reason": "Found 8/9 approved changesets -- score normalized to 8", + "reason": "Found 8/10 approved changesets -- score normalized to 8", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -549,7 +549,7 @@ "reason": "project has 3 contributing companies or organizations -- score normalized to 10", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -559,7 +559,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -569,7 +569,7 @@ "reason": "update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -579,7 +579,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -589,17 +589,17 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, { "details": null, - "score": 1, - "reason": "2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1", + "score": 8, + "reason": "10 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 8", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -609,7 +609,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -619,7 +619,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 3", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -629,7 +629,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -639,7 +639,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -649,7 +649,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -659,17 +659,17 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, { "details": null, - "score": 9, - "reason": "1 existing vulnerabilities detected", + "score": 10, + "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/vsac-client-service/vsac-client-service_data.json b/app/site/_data/measureauthoringtool/vsac-client-service/vsac-client-service_data.json index 17faa25d6d..f8cec3c915 100644 --- a/app/site/_data/measureauthoringtool/vsac-client-service/vsac-client-service_data.json +++ b/app/site/_data/measureauthoringtool/vsac-client-service/vsac-client-service_data.json @@ -123,16 +123,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 16 1707 219 441 1047 77\n(ULOC) 795\n-------------------------------------------------------------------------------\nYAML 3 80 8 2 70 0\n(ULOC) 59\n-------------------------------------------------------------------------------\nXML 2 191 8 21 162 0\n(ULOC) 132\n-------------------------------------------------------------------------------\nMarkdown 1 1 0 0 1 0\n(ULOC) 2\n-------------------------------------------------------------------------------\nProperties File 1 10 0 1 9 0\n(ULOC) 10\n───────────────────────────────────────────────────────────────────────────────\nTotal 23 1989 235 465 1289 77\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 995\nDRYness % 0.50\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $35,266\nEstimated Schedule Effort (organic) 3.86 months\nEstimated People Required (organic) 0.81\n───────────────────────────────────────────────────────────────────────────────\nProcessed 64108 bytes, 0.064 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:38:44Z", + "date": "2025-01-19T14:40:43Z", "repo": { "name": "github.com/measureauthoringtool/vsac-client-service", "commit": "b83b0935251ea716032595ce7f022e36c3f24ead" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 2, + "score": 2.0, "checks": [ { "details": null, @@ -140,7 +140,7 @@ "reason": "no binaries found in the repo", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -150,7 +150,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -160,7 +160,7 @@ "reason": "0 out of 13 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -170,7 +170,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -180,7 +180,7 @@ "reason": "Found 0/16 approved changesets -- score normalized to 0", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -190,7 +190,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -200,7 +200,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -210,7 +210,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -220,7 +220,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -230,7 +230,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -240,7 +240,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -250,7 +250,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -260,7 +260,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -270,7 +270,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -280,7 +280,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -290,7 +290,7 @@ "reason": "Project has not signed or included provenance with any releases.", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -300,7 +300,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -310,7 +310,7 @@ "reason": "20 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/vsac-groovy-framework/vsac-groovy-framework_data.json b/app/site/_data/measureauthoringtool/vsac-groovy-framework/vsac-groovy-framework_data.json index f24e9ac337..6f6f1c5a3d 100644 --- a/app/site/_data/measureauthoringtool/vsac-groovy-framework/vsac-groovy-framework_data.json +++ b/app/site/_data/measureauthoringtool/vsac-groovy-framework/vsac-groovy-framework_data.json @@ -114,14 +114,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGroovy 4 516 17 83 416 55\n(ULOC) 235\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nXML 1 40 1 0 39 0\n(ULOC) 39\n-------------------------------------------------------------------------------\nYAML 1 28 3 0 25 0\n(ULOC) 26\n───────────────────────────────────────────────────────────────────────────────\nTotal 7 705 33 83 589 55\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 407\nDRYness % 0.58\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $15,495\nEstimated Schedule Effort (organic) 2.82 months\nEstimated People Required (organic) 0.49\n───────────────────────────────────────────────────────────────────────────────\nProcessed 29682 bytes, 0.030 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:31:48Z", + "date": "2025-01-19T14:33:18Z", "repo": { "name": "github.com/measureauthoringtool/vsac-groovy-framework", "commit": "72a4805b44affe7cc71bc9f3d3136c7b94874fad" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.4, "checks": [ @@ -131,7 +131,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -141,7 +141,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -151,7 +151,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -161,7 +161,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -171,7 +171,7 @@ "reason": "Found 2/7 approved changesets -- score normalized to 2", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -181,7 +181,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -191,7 +191,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -201,7 +201,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -211,7 +211,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -221,7 +221,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -231,7 +231,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -241,7 +241,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -251,7 +251,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -261,7 +261,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -271,7 +271,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -281,7 +281,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -291,7 +291,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -301,7 +301,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/vsac/vsac_data.json b/app/site/_data/measureauthoringtool/vsac/vsac_data.json index 80c75f0cc9..0da1066995 100644 --- a/app/site/_data/measureauthoringtool/vsac/vsac_data.json +++ b/app/site/_data/measureauthoringtool/vsac/vsac_data.json @@ -94,16 +94,16 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nGroovy 3 622 20 68 534 72\n(ULOC) 262\n-------------------------------------------------------------------------------\nLicense 1 121 12 0 109 0\n(ULOC) 110\n-------------------------------------------------------------------------------\nXML 1 40 1 0 39 0\n(ULOC) 39\n───────────────────────────────────────────────────────────────────────────────\nTotal 5 783 33 68 682 72\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 409\nDRYness % 0.52\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $18,074\nEstimated Schedule Effort (organic) 2.99 months\nEstimated People Required (organic) 0.54\n───────────────────────────────────────────────────────────────────────────────\nProcessed 31181 bytes, 0.031 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:32:47Z", + "date": "2025-01-19T14:34:22Z", "repo": { "name": "github.com/measureauthoringtool/vsac", "commit": "6d0faf3a7f1451fe156f23eebb21eb200498773e" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, - "score": 2, + "score": 2.0, "checks": [ { "details": null, @@ -111,7 +111,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -121,7 +121,7 @@ "reason": "branch protection not enabled on development/release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -131,7 +131,7 @@ "reason": "0 out of 1 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -141,7 +141,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -151,7 +151,7 @@ "reason": "Found 1/2 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -161,7 +161,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -171,7 +171,7 @@ "reason": "no workflows found", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -181,7 +181,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -191,7 +191,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -201,7 +201,7 @@ "reason": "license file detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -211,7 +211,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -221,7 +221,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -231,7 +231,7 @@ "reason": "no dependencies found", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -241,7 +241,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -251,7 +251,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -261,7 +261,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -271,7 +271,7 @@ "reason": "No tokens found", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -281,7 +281,7 @@ "reason": "0 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } } diff --git a/app/site/_data/measureauthoringtool/vsacterminologyserviceinterface/vsacterminologyserviceinterface_data.json b/app/site/_data/measureauthoringtool/vsacterminologyserviceinterface/vsacterminologyserviceinterface_data.json index 9bf9aa1515..3051594d0c 100644 --- a/app/site/_data/measureauthoringtool/vsacterminologyserviceinterface/vsacterminologyserviceinterface_data.json +++ b/app/site/_data/measureauthoringtool/vsacterminologyserviceinterface/vsacterminologyserviceinterface_data.json @@ -169,14 +169,14 @@ "dryness_table": "───────────────────────────────────────────────────────────────────────────────\nLanguage Files Lines Blanks Comments Code Complexity\n───────────────────────────────────────────────────────────────────────────────\nJava 3 140 16 31 93 9\n(ULOC) 108\n-------------------------------------------------------------------------------\nXML 3 292 24 17 251 0\n(ULOC) 187\n-------------------------------------------------------------------------------\nMarkdown 2 69 19 0 50 0\n(ULOC) 44\n-------------------------------------------------------------------------------\nProperties File 2 3 1 0 2 0\n(ULOC) 3\n-------------------------------------------------------------------------------\nYAML 2 42 12 2 28 0\n(ULOC) 32\n-------------------------------------------------------------------------------\nBatch 1 182 35 0 147 30\n(ULOC) 128\n-------------------------------------------------------------------------------\nDockerfile 1 9 3 2 4 0\n(ULOC) 7\n-------------------------------------------------------------------------------\nShell 1 310 26 54 230 34\n(ULOC) 212\n───────────────────────────────────────────────────────────────────────────────\nTotal 15 1047 136 106 805 73\n───────────────────────────────────────────────────────────────────────────────\nUnique Lines of Code (ULOC) 713\nDRYness % 0.68\n───────────────────────────────────────────────────────────────────────────────\nEstimated Cost to Develop (organic) $21,512\nEstimated Schedule Effort (organic) 3.20 months\nEstimated People Required (organic) 0.60\n───────────────────────────────────────────────────────────────────────────────\nProcessed 36389 bytes, 0.036 megabytes (SI)\n───────────────────────────────────────────────────────────────────────────────\n" }, "ossf_scorecard": { - "date": "2025-01-12T10:36:07Z", + "date": "2025-01-19T14:37:57Z", "repo": { "name": "github.com/measureauthoringtool/vsacterminologyserviceinterface", "commit": "02009bb3e35a5490fa6b22bc6d9eab6f57466cf7" }, "scorecard": { - "version": "v5.0.0-132-g43d5832d", - "commit": "43d5832d25ccc597a9b94926b6ad43da25204085" + "version": "v5.0.0-135-gd28512b6", + "commit": "d28512b65877e042871b0df77f2204c5f65fa76b" }, "score": 2.7, "checks": [ @@ -186,7 +186,7 @@ "reason": "binaries present in source code", "name": "Binary-Artifacts", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#binary-artifacts", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#binary-artifacts", "short": "Determines if the project has generated executable (binary) artifacts in the source repository." } }, @@ -196,7 +196,7 @@ "reason": "branch protection is not maximal on development and all release branches", "name": "Branch-Protection", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#branch-protection", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#branch-protection", "short": "Determines if the default and release branches are protected with GitHub's branch protection settings." } }, @@ -206,7 +206,7 @@ "reason": "0 out of 3 merged PRs checked by a CI test -- score normalized to 0", "name": "CI-Tests", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#ci-tests", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#ci-tests", "short": "Determines if the project runs tests before pull requests are merged." } }, @@ -216,7 +216,7 @@ "reason": "no effort to earn an OpenSSF best practices badge detected", "name": "CII-Best-Practices", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#cii-best-practices", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#cii-best-practices", "short": "Determines if the project has an OpenSSF (formerly CII) Best Practices Badge." } }, @@ -226,7 +226,7 @@ "reason": "Found 3/6 approved changesets -- score normalized to 5", "name": "Code-Review", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#code-review", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#code-review", "short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged." } }, @@ -236,7 +236,7 @@ "reason": "project has 0 contributing companies or organizations -- score normalized to 0", "name": "Contributors", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#contributors", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#contributors", "short": "Determines if the project has a set of contributors from multiple organizations (e.g., companies)." } }, @@ -246,7 +246,7 @@ "reason": "no dangerous workflow patterns detected", "name": "Dangerous-Workflow", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dangerous-workflow", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dangerous-workflow", "short": "Determines if the project's GitHub Action workflows avoid dangerous patterns." } }, @@ -256,7 +256,7 @@ "reason": "no update tool detected", "name": "Dependency-Update-Tool", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#dependency-update-tool", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#dependency-update-tool", "short": "Determines if the project uses a dependency update tool." } }, @@ -266,7 +266,7 @@ "reason": "project is not fuzzed", "name": "Fuzzing", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#fuzzing", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#fuzzing", "short": "Determines if the project uses fuzzing." } }, @@ -276,7 +276,7 @@ "reason": "license file not detected", "name": "License", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#license", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#license", "short": "Determines if the project has defined a license." } }, @@ -286,7 +286,7 @@ "reason": "project is archived", "name": "Maintained", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#maintained", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#maintained", "short": "Determines if the project is \"actively maintained\"." } }, @@ -296,7 +296,7 @@ "reason": "packaging workflow not detected", "name": "Packaging", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#packaging", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#packaging", "short": "Determines if the project is published as a package that others can easily download, install, easily update, and uninstall." } }, @@ -306,7 +306,7 @@ "reason": "dependency not pinned by hash detected -- score normalized to 0", "name": "Pinned-Dependencies", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#pinned-dependencies", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#pinned-dependencies", "short": "Determines if the project has declared and pinned the dependencies of its build process." } }, @@ -316,7 +316,7 @@ "reason": "SAST tool is not run on all commits -- score normalized to 0", "name": "SAST", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#sast", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#sast", "short": "Determines if the project uses static code analysis." } }, @@ -326,7 +326,7 @@ "reason": "security policy file not detected", "name": "Security-Policy", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#security-policy", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#security-policy", "short": "Determines if the project has published a security policy." } }, @@ -336,7 +336,7 @@ "reason": "no releases found", "name": "Signed-Releases", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#signed-releases", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#signed-releases", "short": "Determines if the project cryptographically signs release artifacts." } }, @@ -346,7 +346,7 @@ "reason": "detected GitHub workflow tokens with excessive permissions", "name": "Token-Permissions", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#token-permissions", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#token-permissions", "short": "Determines if the project's workflows follow the principle of least privilege." } }, @@ -356,7 +356,7 @@ "reason": "57 existing vulnerabilities detected", "name": "Vulnerabilities", "documentation": { - "url": "https://github.com/ossf/scorecard/blob/43d5832d25ccc597a9b94926b6ad43da25204085/docs/checks.md#vulnerabilities", + "url": "https://github.com/ossf/scorecard/blob/d28512b65877e042871b0df77f2204c5f65fa76b/docs/checks.md#vulnerabilities", "short": "Determines if the project has open, known unfixed vulnerabilities." } }