Enrich SBOM data based on OSSF Security Score Card
- Mentors: Philippe Ombredanne, ayansinha, TG1999, Thomas Druez
- Organization: AboutCode
- Technologies: Python, Django, REST API, Pytest, OpenSSF, Google BigQuery
- Topics: cybersecurity, Vulnerability Analysis
I am developing a PyPI package which will be responsible for calling the OpenSSF Scorecard API or CLI with an open-source GitHub link, fetching the data from there, and storing it in a database or wherever it is needed.
This is required to enhance the SBOM data for popular open-source packages and give more insight into the packages used in a codebase. It serves as a meaningful addition to the ScanCode database and for the users using it.