Risk Working Group Meeting Summary July 6, 2023

This week we discussed:

  1. Completed:
  • n/a
  2. In-Progress:
  • Building a Metrics Model Draft around the OpenSSF Risk Dashboard
    • Metrics development for the model
      • Project transparency
      • Turning an open source project into a closed source one
      • Release frequency
      • Documentation checklist
    • Relation to the broader ecosystem
      • Ecosystem Criticality Score
      • Ecosystem terminology
      • Classification of projects
      • How to conceptualize the meaning of “ecosystem”
    • Dealing with reported vulnerabilities
      • OpenSSF
      • Best practices
  3. Deferred to next week:
  • Continuing conversation next week

Minutes are here.
Recording is here.