Chainguard (author implied: John Speed Meyers, Head of Chainguard Labs) · August 2, 2024
Chainguard scanned 1,511 GitHub repositories in the Wolfi distribution using OpenSSF Scorecard and found the mean aggregate score was 5.4 out of 10, with a bell-shaped distribution.
Why read: The only source providing the 5.4 average Scorecard score; essential for understanding the actual population this figure describes (Wolfi packages, not OpenSSF's 1M critical projects).
The official OpenSSF Scorecard GitHub repository confirms weekly scanning of the 1 million most critical open source projects, with results published to BigQuery.
Why read: Primary source confirming the 1M-project scanning infrastructure; essential context for understanding what data is and is not publicly available.