Security Scorecards

GPTKB entity

Statements (55)
Predicate Object
gptkbp:instanceOf gptkb:software
gptkbp:category gptkb:DevSecOps
    open source security
    software supply chain security
gptkbp:checksFor gptkb:software
    gptkb:SAST
    code review
    vulnerabilities
    CI tests
    CII Best Practices
    binary artifacts
    branch protection
    contributor count
    dangerous workflow permissions
    dependency update tool
    fuzzing
    maintained status
    pinned dependencies
    signed releases
    token permissions
gptkbp:contributedTo gptkb:GitHub
    gptkb:Google
    gptkb:Microsoft
    community contributors
gptkbp:developedBy gptkb:OpenSSF
gptkbp:documentation https://github.com/ossf/scorecard/blob/main/docs/checks.md
gptkbp:feature CI/CD integration
    JSON and SARIF output formats
    automated checks
    security score output
gptkbp:firstReleased 2020
gptkbp:format gptkb:SARIF
    gptkb:JSON
    human-readable
https://www.w3.org/2000/01/rdf-schema#label Security Scorecards
gptkbp:integration gptkb:OpenSSF_Allstar
    gptkb:GitHub_Actions
    gptkb:OpenSSF_Best_Practices_Badge
    CI/CD pipelines
gptkbp:language gptkb:Go
gptkbp:license gptkb:Apache_License_2.0
gptkbp:platform gptkb:GitHub
    gptkb:Bitbucket
    gptkb:GitLab
gptkbp:purpose assess open source project security
    automated security tool
gptkbp:relatedTo gptkb:OpenSSF_Allstar
    gptkb:OpenSSF_Best_Practices_Badge
    gptkb:OpenSSF
gptkbp:repository https://github.com/ossf/scorecard
gptkbp:status active
gptkbp:usedBy gptkb:GitHub_Actions
    gptkb:OpenSSF_Best_Practices_Badge
gptkbp:bfsParent gptkb:Open_Source_Security_Foundation
gptkbp:bfsLayer 5