Bring CLOMonitor Score to 100% #21760

Closed
31 tasks done
eddie-knight opened this issue Oct 17, 2022 · 6 comments
Labels
cncf/mentorship sig/agent Cilium agent related.

Comments

@eddie-knight

eddie-knight commented Oct 17, 2022

As Cilium is signed up for the Security Slam, this issue is to track the efforts necessary to bring this repo's CLOMonitor score to 100%.

CLOMonitor report

Summary

Repository: cilium
URL: https://github.com/cilium/cilium
Checks sets: COMMUNITY + CODE
Score: 86

Checks passed per category

Category Score
Documentation 100%
License 75%
Best Practices 95%
Security 65%
Legal 100%

Checks

Documentation [100%]

License [75%]

  • Apache-2.0 (docs)
  • Approved license (docs)
  • License scanning (docs)

Best Practices [95%]

Security [65%]

Legal [100%]

  • Trademark disclaimer (docs)

For more information about the check sets available and how each of the checks works, please see the CLOMonitor documentation.

@eddie-knight
Author

This issue relates to the LF mentorship effort here

@xmulligan
Member

#22371 has checked off three more

@xmulligan
Member

the last three are being worked on in #21435 #22220 and #20776

@xmulligan
Member

license scanning is in #22737

@xmulligan
Member

Analytics completed in #22220

@xmulligan
Member

SBOM completed in #22191 so we are finished now 🎊

sandipanpanda added a commit to sandipanpanda/cilium that referenced this issue Dec 17, 2023
OpenSSF Scorecard assesses open source projects for security risks
through a series of automated checks.  It performs a series of checks
and scores the overall security posture on a scale from 1-10.
Adding the OpenSSF Scorecard badge to the README would increase
transparency on the overall security posture of the project as
recommended in Cilium security audit, 2022. This would also increase
the CLOMonitor score of Cilium.

Fixes: cilium#23287 cilium#21760

Signed-off-by: Sandipan Panda <samparksandipan@gmail.com>
sandipanpanda added a commit to sandipanpanda/cilium that referenced this issue Jan 10, 2024