A package to fetch data from OpenSSF Scorecard API

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for 404-geek from gravatar.com 404-geek Avatar for aboutcode-publisher from gravatar.com aboutcode-publisher Avatar for ayansinha from gravatar.com ayansinha Avatar for pombredanne from gravatar.com pombredanne

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache-2.0
  • Author: nexB. Inc. and others
  • Tags Scorecard , ScoreCode , OpenSSF , OSSF , Vulnerablity Analysis
  • Requires: Python >=3.8
  • Provides-Extra: docs , testing
Classifiers
Report project as malware

Project description

ScoreCode is a tool for assessing the security and compliance of software projects. It evaluates various aspects of a project’s security posture and generates a scorecard to help organizations understand the security risks associated with the software.

Features: - Automated security assessment - Comprehensive scoring based on multiple criteria - Easy integration with existing workflows - Supports various platforms and repositories

Installation

To install Scorecard, you can use pip:

pip install scorecode

Usage

To use Scorecard, you need to call the fetch_scorecard function with the appropriate parameters. Below is a basic usage example:

from scorecode.ossf_scorecard import fetch_scorecard

# Fetch the scorecard data for a specific platform org and repo
data = fetch_scorecard(platform="github.com", org="nexB", repo="scancode-toolkit")

# Print the results
print("Scoring Tool:", data.scoring_tool)
print("Scoring Tool Version:", data.scoring_tool_version)
print("Score Date:", data.score_date)
print("Score:", data.score)
print("Documentation URL:", data.scoring_tool_documentation_url)

Testing

To run the tests, use pytest. Ensure that all dependencies are installed and then execute:

make test

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for 404-geek from gravatar.com 404-geek Avatar for aboutcode-publisher from gravatar.com aboutcode-publisher Avatar for ayansinha from gravatar.com ayansinha Avatar for pombredanne from gravatar.com pombredanne

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache-2.0
  • Author: nexB. Inc. and others
  • Tags Scorecard , ScoreCode , OpenSSF , OSSF , Vulnerablity Analysis
  • Requires: Python >=3.8
  • Provides-Extra: docs , testing
Classifiers

Release history Release notifications | RSS feed

This version

0.0.4

0.0.3

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

scorecode-0.0.4.tar.gz (67.9 kB view details)

Uploaded Source

Built Distribution

scorecode-0.0.4-py3-none-any.whl (12.2 kB view details)

Uploaded Python 3

File details

Details for the file scorecode-0.0.4.tar.gz.

File metadata

  • Download URL: scorecode-0.0.4.tar.gz
  • Upload date:
  • Size: 67.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for scorecode-0.0.4.tar.gz
Algorithm Hash digest
SHA256 4a7b3bc4fa600ed2f26f0737e4a5b6fc445dfce8b61a4bee894495794f6cad4b
MD5 b995ce886a2cfff84743c48240e3260d
BLAKE2b-256 76f5a02d0c9fb01e0fa358aefcb0e7c8876d32af60f067844cf3474872cf2123

See more details on using hashes here.

File details

Details for the file scorecode-0.0.4-py3-none-any.whl.

File metadata

  • Download URL: scorecode-0.0.4-py3-none-any.whl
  • Upload date:
  • Size: 12.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for scorecode-0.0.4-py3-none-any.whl
Algorithm Hash digest
SHA256 5aa015ced4f3a5cf89d631c43b385114ab6634dc555553f48f2a26a4679a5135
MD5 b7022c52be8412f0a68edd826f222087
BLAKE2b-256 4d7d5ff7b97ec64920984cd8d9ed0c0f219e735b02a9d98e65b4b27811cb0fed

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page