C002 — OpenSSF Scorecard 5.4 Average: Wrong Population — Reading List

Must Read

  • Wolfi's upstream security inspection: Scanning with OpenSSF Scorecard
  • Chainguard (author implied: John Speed Meyers, Head of Chainguard Labs) · August 2, 2024
  • Chainguard ran OpenSSF Scorecard against 1,511 GitHub repositories associated with Wolfi packages and found an average score of 5.4/10 with a bell-shaped distribution. More popular projects (by GitHub stars) score higher: a 100x increase in stars is associated with roughly a 1-point increase in Scorecard score.
  • Why read: The only identified source of the 5.4 figure — essential reading to understand the actual population measured (Wolfi repos, not 1M critical projects) and correct the claim's misattribution before publication.
