Assess security risks in your open source project with Scorecard
You can use Scorecard to evaluate someone else’s software, or you can use it to improve your own.
To see a project’s score quickly, you can visit Open Source Insights. This site uses Scorecard data to report on the health of dependencies. For anything not covered on Open Source Insights, you can use the Scorecard command-line utility to scan any project on GitHub, or you can run Scorecard locally...