OpenSSF

OpenSSF Scorecard API

The OpenSSF Scorecard API returns automated security health metrics for public open source repositories. Scorecard runs a series of checks (e.g., Branch-Protection, Code-Review, Pinned-Dependencies, Signed-Releases, Token-Permissions, Vulnerabilities) and exposes per-check scores plus an aggregate 0-10 score via api.securityscorecards.dev.

GitHub OpenAPI

Documentation

📖
Documentation
https://github.com/ossf/scorecard
📖
Documentation
https://scorecard.dev/

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/openssf/refs/heads/main/openapi/openssf-scorecard-openapi.yml

Other Resources

🔗
JSONLDContext
https://raw.githubusercontent.com/api-evangelist/openssf/refs/heads/main/json-ld/openssf-context.jsonld

OpenAPI Specification

openssf-scorecard-openapi.yml Raw ↑