scorecode

A package to fetch data from OpenSSF Scorecard API

These details have been verified by PyPI

Maintainers

404-geek aboutcode-publisher ayansinha pombredanne

These details have not been verified by PyPI

Project links

Homepage

Development Status
- 4 - Beta
Intended Audience
- Developers
Operating System
- OS Independent
Programming Language
Topic
- Software Development :: Libraries
- Utilities
Typing
- Typed

Project description

ScoreCode is a tool for assessing the security and compliance of software projects. It evaluates various aspects of a project’s security posture and generates a scorecard to help organizations understand the security risks associated with the software.

Features: - Automated security assessment - Comprehensive scoring based on multiple criteria - Easy integration with existing workflows - Supports various platforms and repositories

Installation

To install Scorecard, you can use pip:

pip install scorecode

Usage

To use Scorecard, you need to call the fetch_scorecard function with the appropriate parameters. Below is a basic usage example:

from scorecode.ossf_scorecard import fetch_scorecard

# Fetch the scorecard data for a specific platform org and repo
data = fetch_scorecard(platform="github.com", org="nexB", repo="scancode-toolkit")

# Print the results
print("Scoring Tool:", data.scoring_tool)
print("Scoring Tool Version:", data.scoring_tool_version)
print("Score Date:", data.score_date)
print("Score:", data.score)
print("Documentation URL:", data.scoring_tool_documentation_url)

Testing

To run the tests, use pytest. Ensure that all dependencies are installed and then execute:

make test

Project details

These details have been verified by PyPI

Maintainers

404-geek aboutcode-publisher ayansinha pombredanne

These details have not been verified by PyPI

Project links

Homepage

Development Status
- 4 - Beta
Intended Audience
- Developers
Operating System
- OS Independent
Programming Language
Topic
- Software Development :: Libraries
- Utilities
Typing
- Typed

Release history Release notifications | RSS feed

This version

0.0.2

Aug 23, 2024

0.0.1

Aug 23, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

scorecode-0.0.2.tar.gz (68.8 kB view details)

Uploaded Aug 23, 2024 Source

Built Distribution

scorecode-0.0.2-py3-none-any.whl (11.9 kB view details)

Uploaded Aug 23, 2024 Python 3

File details

Details for the file scorecode-0.0.2.tar.gz.

File metadata

Download URL: scorecode-0.0.2.tar.gz
Upload date: Aug 23, 2024
Size: 68.8 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.8.0

File hashes

Hashes for scorecode-0.0.2.tar.gz
Algorithm	Hash digest
SHA256	`0a2ea089f2d760f60eefd47b2e2133e99296a22e6162de40d39ecf8d61d457f1`
MD5	`70f52975ca5fd73ee71d4b0b9e3cae36`
BLAKE2b-256	`2d719cdac7d330528a644b71df5fde9ee659868c4f439a3b563beba25bb02094`

See more details on using hashes here.

File details

Details for the file scorecode-0.0.2-py3-none-any.whl.

File metadata

Download URL: scorecode-0.0.2-py3-none-any.whl
Upload date: Aug 23, 2024
Size: 11.9 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.8.0

File hashes

Hashes for scorecode-0.0.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`fa5661b9712b0edd45c16eedd1aa094c4d4166118aa211874db00b2496ea4293`
MD5	`aeb766ab331ecc5549449d9a09e55580`
BLAKE2b-256	`272b1ec8e9adb0e222db23cb2c0a698af1b396a41c82975f70b7f365323d0b9f`