-
Notifications
You must be signed in to change notification settings - Fork 49
OSS Health
Gabe Stocco edited this page Jun 4, 2021
·
1 revision
As the name suggests, OSS Health estimates the health of an open source package. It does this by collecting various metrics from a project (currently only supported for GitHub), combining them through an algorithm that we think is reasonable, and displaying the output.
In this context, we mean "health" to mean, roughly, the likelihood that a package will continue to meet stakeholder expectations in the future. We can divide this into different areas:
- Will the project continue to address bugs?
- Will there be new/improved features?
- How vibrant is the community?
- What is the so-called "bus factor"?
- Are security issues addressed promptly?
We recognize that the algorithm implemented isn't perfect, and welcome dialogue and contributions on how to improve it.
Usage information from --help
.
USAGE:
Find the source code repository for the given package:
oss-health [options] package-url...
-f, --format (Default: text) selct the output format(text|sarifv1|sarifv2)
-o, --output-file (Default: ) send the command output to a file instead of stdout
--help Display this help screen.
--version Display version information.
The package-url specifier is described at https://github.com/package-url/purl-spec:
pkg:cargo/rand The latest version of Rand (via crates.io)
pkg:cocoapods/AFNetworking The latest version of AFNetworking (via cocoapods.org)
pkg:composer/Smarty/Smarty The latest version of Smarty (via Composer/ Packagist)
pkg:cpan/Apache-ACEProxy The latest version of Apache::ACEProxy (via cpan.org)
pkg:cran/ACNE@0.8.0 Version 0.8.0 of ACNE (via cran.r-project.org)
pkg:gem/rubytree@* All versions of RubyTree (via rubygems.org)
pkg:golang/sigs.k8s.io/yaml The latest version of sigs.k8s.io/yaml (via proxy.golang.org)
pkg:github/Microsoft/DevSkim The latest release of DevSkim (via GitHub)
pkg:hackage/a50@* All versions of a50 (via hackage.haskell.org)
pkg:maven/org.apdplat/deep-qa The latest version of org.apdplat.deep-qa (via repo1.maven.org)
pkg:npm/express The latest version of Express (via npm.org)
pkg:nuget/Newtonsoft.JSON The latest version of Newtonsoft.JSON (via nuget.org)
pkg:pypi/django@1.11.1 Version 1.11.1 fo Django (via pypi.org)
pkg:ubuntu/zerofree The latest version of zerofree from Ubuntu (via packages.ubuntu.com)
pkg:vsm/MLNET/07 The latest version of MLNET.07 (from marketplace.visualstudio.com)
pkg:url/foo@1.0?url=<URL> The direct URL <URL>