{"id":31035723,"url":"https://github.com/ossf/wg-orbit","last_synced_at":"2026-02-15T01:33:27.651Z","repository":{"id":288476861,"uuid":"967651718","full_name":"ossf/wg-orbit","owner":"ossf","description":"ORBIT: Open Resources for Baselines, Interoperability, and Tooling","archived":false,"fork":false,"pushed_at":"2025-12-18T17:55:17.000Z","size":36,"stargazers_count":20,"open_issues_count":11,"forks_count":4,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-12-22T14:56:31.886Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ossf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-04-16T19:33:26.000Z","updated_at":"2025-12-18T17:55:22.000Z","dependencies_parsed_at":"2025-09-30T00:14:33.071Z","dependency_job_id":"af1a4789-6f90-4cab-bc1e-6bf2a65fba49","html_url":"https://github.com/ossf/wg-orbit","commit_stats":null,"previous_names":["ossf/wg-orbit"],"tags_count":0,"template":false,"template_full_name":"ossf/project-template","purl":"pkg:github/ossf/wg-orbit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fwg-orbit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fwg-orbit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fwg-orbit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fwg-orbit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ossf","download_url":"https://codeload.github.com/ossf/wg-orbit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fwg-orbit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29464186,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-15T01:01:38.065Z","status":"ssl_error","status_checked_at":"2026-02-15T01:01:23.809Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-09-14T03:47:11.120Z","updated_at":"2026-02-15T01:33:27.646Z","avatar_url":"https://github.com/ossf.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cimg align=\"center\" src=\"https://openssf.org/wp-content/uploads/2025/06/orbit_logo.svg\" height=\"200\"\u003e\n\n# OpenSSF ORBIT Working Group\n\n**ORBIT**: Open Resources for Baselines, Interoperability, and Tooling\n\nThe ORBIT Working Group (WG) is a [Sandbox-level](https://github.com/ossf/tac/blob/main/process/working-group-lifecycle.md#to-become-sandbox) group within the [Open Source Security Foundation (OpenSSF)](https://openssf.org).\n\n\u003cimg align=\"right\" src=\"https://github.com/ossf/tac/blob/main/files/images/OpenSSF_StagesBadges_sandbox.svg\" width=\"100\" height=\"100\"\u003e\n\nORBIT exists to develop and maintain interoperable resources for the identification and presentation of security-relevant data. It provides a home for collaborative activities, best practice definitions, documentation, testing, integration, and other artifacts supporting the mission.\n\n---\n\n```mermaid\nflowchart TD\n\n    BPB(OpenSSF\n    Best Practices Badge)\n    LFXInsights(LFX Insights\n    Security \u0026 Best Practices)\n\n    subgraph ORBIT Working Group\n\n        subgraph OSPS\n            Assessments(Security Assessments)\n            CopyPasta(Security CopyPasta)\n            Baseline(Security Baseline)\n        end\n\n        subgraph Gemara\n            GemaraSDK(Implementation SDK)\n            GemaraLexicon(GRC Engineering Lexicon)\n            GemaraSchemas(GRC Asset Schemas)\n        end\n\n        SecurityInsights(Security Insights)\n        subgraph Minder\n        MinderPlatform(Platform)\n        minder-rules(minder-rules)\n        end\n\n        pvtr[GitHub Repo\n        Privateer Plugin]\n        click pvtr \"https://github.com/revanite-io/pvtr-github-repo?tab=readme-ov-file#readme\"\n\n    end\n\n    BPB --\u003e| references | Baseline\n    Baseline --\u003e | references | Assessments \u0026 CopyPasta\n    MinderPlatform --\u003e|evaluates| minder-rules\n    minder-rules --\u003e|reads| SecurityInsights\n    GemaraSchemas --\u003e| provides structure| Baseline\n    pvtr --\u003e|reads | SecurityInsights\n    GemaraSDK --\u003e|provides logic |pvtr\n    LFXInsights --\u003e|uses |pvtr\n    Baseline --\u003e| defines requirements | pvtr \u0026 minder-rules\n    GemaraLexicon --\u003e| provides common language | OSPS\n\n    click LFXInsights \"https://insights.linuxfoundation.org/\"\n    click Assessments \"https://github.com/ossf/security-assessments?tab=readme-ov-file#readme\"\n    click Baseline \"https://baseline.openssf.org\"\n    click BPB \"https://openssf.org/projects/best-practices-badge/\"\n    click GemaraSDK \"https://gemara.openssf.org/implementation/#go-sdk\"\n    click GemaraSchemas \"https://gemara.openssf.org/implementation/#layer-schemas\"\n    click GemaraLexicon \"https://gemara.openssf.org/lexicon/\"\n    click SecurityInsights \"https://github.com/ossf/security-insights?tab=readme-ov-file#readme\"\n    click MinderPlatform \"https://github.com/mindersec/minder?tab=readme-ov-file#readme\"\n    click minder-rules \"https://github.com/mindersec/minder-rules-and-profiles?tab=readme-ov-file#readme\"\n```\n\nThe group is open to participation from anyone who abides by the [Contributor Covenant Code of Conduct 2.0](https://www.contributor-covenant.org/version/2/0/code_of_conduct/) (OpenSSF member or not).\n\nReview the WG's [mission and scope](CHARTER.md#1-mission-and-scope) for more details.\n\n## Quick Start\n\n1. Star this repository to stay updated\n1. Review the [active technical initiatives](./CHARTER.md#active-technical-initiatives) to see where you can contribute\n1. Join Slack and introduce yourself\n1. Join a working group meeting\n    - [Add the ORBIT WG meeting to your calendar](https://calendar.google.com/calendar/u/0/r/eventedit/copy/NmxoMTUzc20wbG80MzQxNWY4NGJicHJuMm5fMjAyNTA1MDhUMTcwMDAwWiBzNjN2b2VmaHA1aTlwZmx0YjVxNjduZ3Blc0Bn)\n    - [Meeting Notes](https://docs.google.com/document/d/1Hf-SsjYaAvY2Nk_jJ2-aHMqgBi1qg7oIj3PJWsCEe0U/edit?tab=t.0#heading=h.omyjy2x7t74i)\n\n## Governance\n\nThe WG is governed by a [Technical Steering Committee (TSC)](./CHARTER.md#2-technical-steering-committee) composed of the leads from the active technical initiatives.\n\nReview the WG charter for information about [operational policies](./CHARTER.md#5-compliance-with-policies), [trademarks](./CHARTER.md#6-community-assets), and [intellectual property licensing](./CHARTER.md#7-intellectual-property-policy).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fwg-orbit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fossf%2Fwg-orbit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fwg-orbit/lists"}