{"id":13527976,"url":"https://github.com/ossf/secure-sw-dev-fundamentals","last_synced_at":"2025-04-12T21:29:46.268Z","repository":{"id":37348122,"uuid":"303472227","full_name":"ossf/secure-sw-dev-fundamentals","owner":"ossf","description":"Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)","archived":false,"fork":false,"pushed_at":"2025-03-13T15:28:07.000Z","size":31697,"stargazers_count":194,"open_issues_count":36,"forks_count":50,"subscribers_count":25,"default_branch":"main","last_synced_at":"2025-04-04T01:16:35.187Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ossf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-10-12T18:00:40.000Z","updated_at":"2025-03-20T02:06:27.000Z","dependencies_parsed_at":"2024-01-13T22:54:44.933Z","dependency_job_id":"1f6a5ad8-bad1-47df-9119-1ea2fbbd93d8","html_url":"https://github.com/ossf/secure-sw-dev-fundamentals","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fsecure-sw-dev-fundamentals","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fsecure-sw-dev-fundamentals/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fsecure-sw-dev-fundamentals/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fsecure-sw-dev-fundamentals/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ossf","download_url":"https://codeload.github.com/ossf/secure-sw-dev-fundamentals/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248634613,"owners_count":21137078,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T06:02:09.083Z","updated_at":"2025-04-12T21:29:46.237Z","avatar_url":"https://github.com/ossf.png","language":"CSS","funding_links":[],"categories":["CSS"],"sub_categories":[],"readme":"# secure-sw-dev-fundamentals: Developing Secure Software (LFD121) course\n\nThis repository is for maintaining the content of the\n[Developing Secure Software (LFD121) course](https://training.linuxfoundation.org/training/developing-secure-software-lfd121/),\naka the *Secure Software Development Fundamentals* course.\n\nThis course is overseen by the [Open Source Security Foundation (OpenSSF) Best Practices Working Group (WG)](https://github.com/ossf/wg-best-practices-os-developers).\n\n## If you want to LEARN\n\nIf you want to *learn*, you're in the *wrong place*.\n\nInstead, *please* go to the\n**[Developing Secure Software (LFD121) entry page](https://training.linuxfoundation.org/training/developing-secure-software-lfd121/)**\nso you can learn how to develop secure software.\nIt's free, and its certificate of completion is free.\n\nThe [OpenSSF page about this course](https://openssf.org/training/courses/) provides some broader context about the course.\nThe learning material also available via [edX](http://edx.org/professional-certificate/linuxfoundationx-secure-software-development-fundamentals?utm_medium=partner-marketing\u0026utm_source=affiliate\u0026utm_campaign=openssf\u0026utm_content=openssforg-securedevelopmentpc). but the edX certificate of completion is not free.\n\n## This repository is for maintaining the course content\n\nThis repository is primarily intended for those\nwho *maintain* the course content and those who want to *propose a change*.\nIf you want to use its content in special ways, this might also be a\nuseful repository for you.\n\nIf you see something in the course content that you think should be changed, please **[file an issue](https://github.com/ossf/secure-sw-dev-fundamentals/issues)** or (even better) **[create a pull request](https://github.com/ossf/secure-sw-dev-fundamentals/pulls)**.\n\nPlease see **[*Secure Software Development Fundamentals* content in Markdown format](secure_software_development_fundamentals.md)** for the main **text** content of the course (in this repository). The text embeds references to images that are also in this repository.\n\nThe course as delivered includes some videos.\nThose files are very large, so they aren't stored in this repository.\nSee the\n[repository with the corresponding videos](https://github.com/ossf/secure-sw-dev-videos).\n\n## Details\n\n\u003cimg src=\"by.svg\" width=\"60\" height=\"21\" alt=\"CC-BY\"\u003eThis informational content is released under the [Creative Commons Attribution License (CC-BY) version 4.0](https://creativecommons.org/licenses/by/4.0/legalcode.txt), so you can reuse it in many ways. We want you to use this information! There are some \u003cb\u003eexceptions\u003c/b\u003e: we quote some images (such as from xkcd) which are under their own licenses. Also, to counter cheating we do not release certain testing materials this way at all (so they are not in this repository). Note that we update this material, so you should be prepared for updates if you use a significant portion of it.\n\nIf you earn a certificate of completion for the course via the Linux Foundation (LF) Training, you can show off the [digital credentials (badges) you've earned](https://training.linuxfoundation.org/badges-2/). Similarly, if you earn a course certificate or program certificate on edX, you can [show your edX certificates](https://www.edx.org/verified-certificate).\n\nIf you want to propose changes to the content, as noted above\nthe preferred mechanism is\nto file [issues](https://github.com/ossf/secure-sw-dev-fundamentals/issues) for general suggestions and provide [pull requests](https://github.com/ossf/secure-sw-dev-fundamentals/pulls) for specific changes, in both cases to this\n[secure-sw-dev-fundamentals](https://github.com/ossf/secure-sw-dev-fundamentals)\nproject. Changes that are accepted into the Markdown must go through a series of internal steps in coordination with LF Training \u0026amp; Certification so that the changes will be deployed to both the LF Training and edX platforms.\n\nChanges to the markdown must have no errors reported by `markdownlint` using our configuration. This is checked when a pull request is made. You can do this check locally by installing markdownlint (e.g., `brew install markdownlint-cli` or `npm install -g markdownlint-cli`) and running `make`.\n\nYou can see a generated [table of contents](toc.md) - rerun `make` to regenerate it. This generated file is included in the repository itself for convenience of those new to the document.\n\nThis content was originally converted from Google docs format using\n[gdocs2md](http://github.com/mangini/gdocs2md),\npatched to skip inline drawings.\nThat project unfortunately seems to have stalled.\nAlternative converters include\n[lmmx/gdocs2md-html](https://github.com/lmmx/gdocs2md-html)\nand\n[evbacher/gd2md-html](https://github.com/evbacher/gd2md-html)\n(the last one is most recently active).\n\nThis course is one of the results of the\n[Open Source Security Foundation (OpenSSF)](https://openssf.org/)\n[Best Practices working group (WG)](https://github.com/ossf/wg-best-practices-os-developers).\n\nIf you want to report vulnerabilities in this project, please see\n[SECURITY.md](./SECURITY.md).\n\nOur thanks to Flavia Cioanca for her work to convert the text into live courses!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fsecure-sw-dev-fundamentals","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fossf%2Fsecure-sw-dev-fundamentals","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fsecure-sw-dev-fundamentals/lists"}