{"id":18508452,"url":"https://github.com/ossf/scorecard-visualizer","last_synced_at":"2025-04-09T03:32:05.620Z","repository":{"id":153865103,"uuid":"627902304","full_name":"ossf/scorecard-visualizer","owner":"ossf","description":"Tool for visualizing the Open SSF Scorecard Api data in a human friendly way","archived":false,"fork":false,"pushed_at":"2025-04-02T07:42:48.000Z","size":43901,"stargazers_count":15,"open_issues_count":12,"forks_count":5,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-02T13:17:41.715Z","etag":null,"topics":["openssf","openssf-scorecard"],"latest_commit_sha":null,"homepage":"https://ossf.github.io/scorecard-visualizer/#/projects/github.com/ossf/scorecard-visualizer","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ossf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-14T13:00:48.000Z","updated_at":"2025-03-31T12:20:08.000Z","dependencies_parsed_at":null,"dependency_job_id":"ae20c364-7e4f-4fe7-9b4c-24cf96b182b8","html_url":"https://github.com/ossf/scorecard-visualizer","commit_stats":null,"previous_names":["ossf/scorecard-visualizer"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fscorecard-visualizer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fscorecard-visualizer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fscorecard-visualizer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fscorecard-visualizer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ossf","download_url":"https://codeload.github.com/ossf/scorecard-visualizer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247973832,"owners_count":21026735,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["openssf","openssf-scorecard"],"created_at":"2024-11-06T15:14:24.265Z","updated_at":"2025-04-09T03:32:02.172Z","avatar_url":"https://github.com/ossf.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OSSF Scorecard Visualizer\n\nThe OpenSSF Scorecard Monitor Visualizer is a tool that provides a visual representation of the OpenSSF Scorecard data for monitoring the security status of open source projects. It fetches the scorecard data from the [OpenSSF Scorecard API](https://api.securityscorecards.dev/#/results) and presents it in a user-friendly and interactive visual format.\n\nThe Visualizer is part of the [OpenSSF Scorecard Monitor](https://github.com/UlisesGascon/openssf-scorecard-monitor), where you can access to the features.\n\n## Features\n\n### Scorecard Data Visualizer\n\nDisplay the OpenSSF Scorecard data in a visual format for easy understanding and analysis.\n\n\u003cbr\u003e\n    \u003cdiv\u003e\n        \u003cimg src='.github/other/demo1.gif' alt=\"visualizer-in-action\"/\u003e\n    \u003c/div\u003e\n\u003c/br\u003e\n\n### Scorecard Data Comparator\n\nCompare between two commits that reported Scorecard data. See how the scores changed and further details.\n\n\u003cbr\u003e\n    \u003cdiv\u003e\n        \u003cimg src='.github/other/gif_comparator.gif' alt=\"comparator-in-action\"/\u003e\n    \u003c/div\u003e\n\u003c/br\u003e\n\n### Scorecard Data Comparator Diff\n\nMakes easier the visualization of the differences in the Scorecard comparator reasoning and details.\n\n\u003cbr\u003e\n    \u003cdiv\u003e\n        \u003cimg src='.github/other/comparator-diff1.png' alt=\"comparator-diff-reasoning\"/\u003e\n    \u003c/div\u003e\n        \u003cdiv\u003e\n        \u003cimg src='.github/other/comparator-diff2.png' alt=\"comparator-diff-details\"/\u003e\n    \u003c/div\u003e\n\u003c/br\u003e\n\n### Support to GitLab repositories\n\nThe project provides support of visualization and diff comparation for GitLab projects. In the GitLab version, deps.dev and step security links are not included, as those platforms don't support GitLab projects yet.\n\n\u003cbr\u003e\n    \u003cdiv\u003e\n        \u003cimg src='.github/other/gitlab-support.png' alt=\"visualizer-for-gitlab-repos\"/\u003e\n    \u003c/div\u003e\n\u003c/br\u003e\n\n### Discrepancies management\n\nThe Scorecard API can provide discrepancies in the data while comparing between two commits due [technical reasons](https://github.com/ossf/scorecard/issues/3438). The visualizer provides a way to showcase the discrepancies found.\n\n\u003cbr\u003e\n    \u003cdiv\u003e\n        \u003cimg src='.github/other/discrepancies.png' alt=\"discrepancies preview\"/\u003e\n    \u003c/div\u003e\n\u003c/br\u003e\n\n## How to use it\n\nThe Visualizer and the Comparator can be used outside the Monitor.\n\nYou have 3 options of visualization. Depending on which one you want to check, you should craft your own url as:\n\n- Checks the latest Scorecard data available for a project: `https://ossf.github.io/scorecard-visualizer/#/projects/${platform}/${org}/${repo}`\n- Checks the Scorecard data for an specific commit (previously reported): `https://ossf.github.io/scorecard-visualizer/#/projects/${platform}/${org}/${repo}/commit/{commitHash}`\n- Compares two specific commits, previously reported: `https://ossf.github.io/scorecard-visualizer/#/projects/github.com/nodejs/node/compare/{prevCommitHash}/{currentCommitHash}`\n\n\u003e 👉 Please note that in order to retrieve data from the Scorecard API, it is necessary for organizations or repository owners to report their commits to the Scorecard. However, it's important to keep in mind that not all organizations report their commits, which may result in a `404 error` if the data is not available in the API. Please be aware that this behavior is expected and not indicative of a bug.\n\n### Examples\n\n- [Nodejs latest repository Scorecard](https://ossf.github.io/scorecard-visualizer/#/projects/github.com/nodejs/node)\n- [Nodejs specific commit Scorecard](https://ossf.github.io/scorecard-visualizer/#/projects/github.com/nodejs/node/commit/da80964a3d708ef3ae42d4424034f155ad37e07d)\n- [Nodejs reported commits comparation](https://ossf.github.io/scorecard-visualizer/#/projects/github.com/nodejs/node/compare/2ac5e9889aba461f5a54d320973d2574980d206b/da80964a3d708ef3ae42d4424034f155ad37e07d)\n\n## Contributing\n\nContributions are welcome! If you would like to contribute to the OpenSSF Scorecard Monitor Visualizer project, please follow these steps:\n\n1. Fork the repository.\n2. Create a new branch for your feature or bug fix.\n3. Make your changes and ensure that the code is properly formatted.\n4. Write tests to cover your changes if applicable.\n5. Commit your changes and push them to your forked repository.\n6. Submit a pull request to the main repository, explaining your changes and providing any relevant details.\n\n## License\n\nThis project is licensed under the [Apache License Version 2.0](LICENSE).\n\n## Support\n\nIf you encounter any issues or have questions about the OpenSSF Scorecard Monitor Visualizer, please [open an issue](https://github.com/ossf/scorecard-visualizer/issues/new) on the GitHub repository.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fscorecard-visualizer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fossf%2Fscorecard-visualizer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fscorecard-visualizer/lists"}