ossf/wg-securing-critical-projects

Issues

• Consider OpenSC as a critical project

  #93 opened 3 months ago by jeffmendoza
  0

• Adopt "Census I" as an archived Project/SIG under this WG

  #89 opened 7 months ago by jeffmendoza
  7

• [INFORM] Allstar joining the OpenSSF Scorecard project

  #90 opened 7 months ago by justaugustus
  2

• Links in the main Readme are broken

  #80 opened a year ago by ThisIsNotANamepng
  0

• Need to link from README to list

  #30 opened 3 years ago by david-a-wheeler
  3

• Include the purls of the software in the list

  #74 opened a year ago by andrewpollock
  1

• What does the "apache" in the critical projects list mean?

  #62 opened 2 years ago by fredgan
  1

• Adopt the Alpha-Omega 10k critical OSS Projects list under this WG

  #66 opened 2 years ago by JLLeitschuh
  5

• Google sheet restrictions

  #68 opened 2 years ago by zmanion
  8

• The critical project `minimist` in the github is gone with 404

  #63 opened 2 years ago by fredgan
  2

• Consider adding (and tracking) the components necessary to produce and update ca-certificates and tzdata

  #43 opened 3 years ago by bureado
  3

• FreeBSD and related projects are critical

  #50 opened 3 years ago by Jehops
  1

• Consider adding sqlite, libpng, zlib, libjpeg, libarchive, zstd, openssh and busybox

  #42 opened 2 years ago by bureado
  2

• Add NIST definition of critical software per EO

  #27 opened 2 years ago by david-a-wheeler
  2

• WG Charter updates

  #52 opened 2 years ago by SecurityCRob
  5

• Project for consideration

  #47 opened 2 years ago by ralight
  4

• List of Critical Projects links

  #55 opened 2 years ago by edelsohn
  3

• 404 on README page

  #60 opened 2 years ago by StefanSchroeder
  0

• Presentation from 2020: broken link to subsystems that don't tag for stable (slide 25)

  #22 opened 4 years ago by kdave
  7

• Typo in critical projects spreadsheet for homebrew-cask

  #57 opened 2 years ago by varunsh-coder
  2

• update description field in .github/settings.yml

  #16 opened 4 years ago by kaywilliams
  1

• xkcd copyright/license violation (lack of attribution) in README

  #48 opened 3 years ago by pwolanin
  2

• Consider adding the software described in OIN's Linux System table

  #40 opened 3 years ago by bureado
  1

• Weekly meetings

  #5 opened 3 years ago by DixonDalmeida
  5

• Quick note: Linux kernel reviews

  #8 opened 3 years ago by david-a-wheeler
  3

• curl/libcurl official docker image relevance ?

  #51 opened 3 years ago by xquery
  0

• Clarify which parts of a multi-component project are in scope

  #46 opened 3 years ago by bureado
  0

• Consider adding (and tracking) packages from the Civil Infrastructure Platform (CIP)

  #39 opened 3 years ago by bureado
  1

• Provide a machine-readable version of the list under source control

  #45 opened 3 years ago by bureado
  0

• Consider using functional tagging to identify projects critical to trust

  #44 opened 3 years ago by bureado
  0

• Some possible data sources to identify package managers, build systems and compilers (build toolchain)

  #41 opened 3 years ago by bureado
  0

• Critical projects from the low-level/embedded space

  #36 opened 3 years ago by mrybczyn
  5

• Add Digital Public Goods registry to how to id critical projects

  #26 opened 3 years ago by david-a-wheeler
  0

• Governance

  #23 opened 4 years ago by vielmetti
  0

• Criticality Badge

  #21 opened 4 years ago by jqnatividad
  0

• Criticality Score badge

  #20 opened 4 years ago by jqnatividad
  0

• CII Census Work

  #14 opened 4 years ago by dlorenc
  5

• Slack Channel

  #10 opened 4 years ago by xmunoz
  3

• Link to meeting recordings?

  #11 opened 4 years ago by xmunoz
  2

• Schedule first weekly meeting!

  #6 opened 4 years ago by dlorenc
  2

• The email group doesn't appear to be public

  #4 opened 4 years ago by craiglpeters
  3