in-toto-golang

0.9.0 Opens a new window with list of versions in this module.

A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity. For more information about how to use this package see README

Latest version published 2 years ago

Ensure you're using the healthiest golang packages

Snyk scans all the packages in your projects for vulnerabilities and provides automated fix advice

Package Health Score

59 / 100

Popularity

Small
popularity-imported Imported By
0
popularity-stars GitHub Stars
132
popularity-forks Forks
51
popularity-contributors Contributors
30

Usage Popularity

TOP 10%

Based on project statistics from the GitHub repository for the Golang package in-toto-golang, we found that it has been 132 times.

The popularity score for Golang modules is calculated based on the number of stars that the project has on GitHub as well as the number of imports by other modules.

Security

No known security issues
Powered by Snyk
0.9.0 Opens a new window with list of versions in this module. (Latest)

Security risks

Direct Vulnerabilities
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
Indirect Vulnerabilities
Check with Snyk

Release Date
May 4, 2023
License
Apache-2.0
Security Policy
No

We found a way for you to contribute to the project! Looks like in-toto-golang is missing a security policy.


You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

Keep your project free of vulnerabilities with Snyk

Maintenance

Inactive

Commit Frequency

Open Issues
27
Open PR
3
Last Release
2 years ago
Last Commit
11 days ago

Further analysis of the maintenance status of github.com/in-toto/in-toto-golang based on released golang versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for github.com/in-toto/in-toto-golang is that it hasn't seen any new versions released to golang in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Sustainable
Readme.md
No
Contributing.md
No
Code of Conduct
No
Contributors
30
Funding
No

With more than 10 contributors for the github.com/in-toto/in-toto-golang repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like github.com/in-toto/in-toto-golang is missing a Code of Conduct.

How about a good first contribution to this project? It seems that github.com/in-toto/in-toto-golang is missing a README file.


Embed Package Health Score Badge

package health: 59/100 package health 59/100