You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My name is Kavoi. I am a member of a team of graduate students at Harvard University that are working in collaboration with OpenSSF and the Linux Foundation. You can help us graduate (and contribute to OSS security) by participating in our study!
What we’re studying
We are studying adoption of the Open Source Project Security (OSPS) Baseline, focusing only on practices from the first maturity level.
Many of these practices can be measured automatically using publicly available project artifacts. To support this work, we are developing BaseJump, an open source tool that gathers metadata about observable security practices in OSS projects.
Why we contacted this project
Your project was identified using an automated risk-estimation approach (inspired by the methodology of the first Linux Foundation Open Source Census initiative) to identify widely used and security-relevant projects.
Where you can help
A small number of OSPS Baseline practices cannot be measured from public artifacts alone. To help fill in those gaps, we are inviting maintainers to optionally complete a short questionnaire.
Estimated time: 5–10 minutes
Participation is completely optional
The goal is to understand ecosystem-level adoption of security practices, not to audit or evaluate individual projects
If you’re open to participating, please let us know and we will share the questionnaire.
Thank you for maintaining this project and for your contributions to the open source community.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hello!
My name is Kavoi. I am a member of a team of graduate students at Harvard University that are working in collaboration with OpenSSF and the Linux Foundation. You can help us graduate (and contribute to OSS security) by participating in our study!
What we’re studying
We are studying adoption of the Open Source Project Security (OSPS) Baseline, focusing only on practices from the first maturity level.
Many of these practices can be measured automatically using publicly available project artifacts. To support this work, we are developing BaseJump, an open source tool that gathers metadata about observable security practices in OSS projects.
Why we contacted this project
Your project was identified using an automated risk-estimation approach (inspired by the methodology of the first Linux Foundation Open Source Census initiative) to identify widely used and security-relevant projects.
Where you can help
A small number of OSPS Baseline practices cannot be measured from public artifacts alone. To help fill in those gaps, we are inviting maintainers to optionally complete a short questionnaire.
Estimated time: 5–10 minutes
Participation is completely optional
The goal is to understand ecosystem-level adoption of security practices, not to audit or evaluate individual projects
If you’re open to participating, please let us know and we will share the questionnaire.
Thank you for maintaining this project and for your contributions to the open source community.
Beta Was this translation helpful? Give feedback.
All reactions