A package to fetch data from OpenSSF Scorecard API
Project description
ScoreCode is a tool for assessing the security and compliance of software projects. It evaluates various aspects of a project’s security posture and generates a scorecard to help organizations understand the security risks associated with the software.
Features: - Automated security assessment - Comprehensive scoring based on multiple criteria - Easy integration with existing workflows - Supports various platforms and repositories
Installation
To install Scorecard, you can use pip:
pip install scorecodeUsage
To use Scorecard, you need to call the fetch_scorecard function with the appropriate parameters. Below is a basic usage example:
from scorecode.ossf_scorecard import fetch_scorecard
# Fetch the scorecard data for a specific platform org and repo
data = fetch_scorecard(platform="github.com", org="nexB", repo="scancode-toolkit")
# Print the results
print("Scoring Tool:", data.scoring_tool)
print("Scoring Tool Version:", data.scoring_tool_version)
print("Score Date:", data.score_date)
print("Score:", data.score)
print("Documentation URL:", data.scoring_tool_documentation_url)Testing
To run the tests, use pytest. Ensure that all dependencies are installed and then execute:
make testRelease history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for scorecode-0.0.2-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | fa5661b9712b0edd45c16eedd1aa094c4d4166118aa211874db00b2496ea4293 |
|
| MD5 | aeb766ab331ecc5549449d9a09e55580 |
|
| BLAKE2b-256 | 272b1ec8e9adb0e222db23cb2c0a698af1b396a41c82975f70b7f365323d0b9f |
