Looking for a Maturity Grid that Allow Developers in Orgs to Select an Open Source Project to Contribute to Its Sustainability #509
Replies: 3 comments 2 replies
-
|
Anonymous person answered Could you elaborate more? is it in terms of assessing the readiness of a project? If so, which variables are you looking for? security best practices implemented, community activity, documentation, governance? |
Beta Was this translation helpful? Give feedback.
-
|
Anonymous person answered Some possible resources could be reviewing attributes listed in https://github.com/chaoss/wg-risk and tools like https://securityscorecards.dev/viewer/ to see if a maintainer is adopting some of the more common security practices. https://snyk.io/advisor/ has some popular ecosystems covered where you can get a sense of viability. |
Beta Was this translation helpful? Give feedback.
-
|
Anonymous Author Replied Thanks for your reply! It's to help developers to chose viable open source projects to contribute to sustainability. Indeed which metrics they have to consider. |
Beta Was this translation helpful? Give feedback.
-
|
Anonymous person answered This Practitioner Guide may be of some help: https://chaoss.community/practitioner-guide-contributor-sustainability/ |
Beta Was this translation helpful? Give feedback.
-
|
Anonymous person answered You may find something useful in https://chaoss.community/kbtopic/all-metrics/ but without more context is hard to tell. |
Beta Was this translation helpful? Give feedback.
-
This discussion was shared via TODO Slack and has been anonymized
I am looking for a maturity grid that will allow me to select an open source project that we could adopt in a company
Beta Was this translation helpful? Give feedback.
All reactions