[docs] Analyse gaps and impact #6

Open
Ioana37 opened this issue Sep 16, 2024 · 2 comments
Labels
documentation Improvements or additions to documentation Stale

Comments

@Ioana37
Collaborator

Ioana37 commented Sep 16, 2024

The goal here is to analyse the gaps that exist in the .NET ecosystem in the security metrics that scorecard checks for, so that when we publish the blog post we can make a case that is backed by real data as to where the community should put its efforts.

At a high level, if we could get GitHub repositories that are NuGet/.NET based and examine the scorecard check metrics for them, we could know what the trending lows and trending highs are for the NuGet/.NET ecosystem.

We can start with the data that exists in CloudMine, using the query in the comments to extract NuGet repos that are Microsoft owned, and leverage PowerBI over the BigQuery open dataset that has the scorecard data for those repos.

Later we can explore how to retrieve more non-MS repos from GitHub and feed them into the dashboard.
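An added sketch of the analysis described in the comment above (not code from this repository): given Scorecard results for a set of NuGet repositories, it ranks checks by mean score to surface the trending lows and highs. The repository names and scores are constructed, and the input shape assumes Scorecard's JSON output with a `checks` list of `name`/`score` entries, where a score of -1 means the check was inconclusive.

```python
from collections import defaultdict
from statistics import mean

# Constructed sample in the shape of Scorecard JSON results (names and scores are made up).
SAMPLE_RESULTS = [
    {"repo": {"name": "github.com/example-org/lib-a"}, "checks": [
        {"name": "Branch-Protection", "score": 3}, {"name": "Pinned-Dependencies", "score": 0},
        {"name": "License", "score": 10}, {"name": "Signed-Releases", "score": -1}]},
    {"repo": {"name": "github.com/example-org/lib-b"}, "checks": [
        {"name": "Branch-Protection", "score": 8}, {"name": "Pinned-Dependencies", "score": 2},
        {"name": "License", "score": 10}, {"name": "Signed-Releases", "score": 0}]},
    {"repo": {"name": "github.com/example-org/lib-c"}, "checks": [
        {"name": "Branch-Protection", "score": 1}, {"name": "Pinned-Dependencies", "score": 4},
        {"name": "License", "score": 9}, {"name": "Signed-Releases", "score": -1}]},
]

def summarize_checks(results, low_threshold=3):
    """Per-check statistics across repos, sorted from lowest to highest mean score."""
    scores, inconclusive = defaultdict(list), defaultdict(int)
    for result in results:
        for check in result.get("checks", []):
            score = check.get("score")
            if score is None or score < 0:
                # -1 is "could not evaluate", not "scored zero": keep it out of the mean
                inconclusive[check["name"]] += 1
            else:
                scores[check["name"]].append(score)
    summary = []
    for name in set(scores) | set(inconclusive):
        vals = scores.get(name, [])
        low = sum(v <= low_threshold for v in vals)
        summary.append({
            "check": name,
            "repos_scored": len(vals),        # sample size behind the mean
            "inconclusive": inconclusive.get(name, 0),
            "mean": round(mean(vals), 2) if vals else None,
            "pct_low": round(100 * low / len(vals), 1) if vals else None,
        })
    # Checks with no conclusive score at all sort last
    summary.sort(key=lambda r: (r["mean"] is None, r["mean"] or 0, r["check"]))
    return summary

def trending(summary, n=2):
    """Return (lowest-n, highest-n) check names among checks that have a mean."""
    scored = [r for r in summary if r["mean"] is not None]
    return [r["check"] for r in scored[:n]], [r["check"] for r in scored[-n:][::-1]]

if __name__ == "__main__":
    for row in summarize_checks(SAMPLE_RESULTS):
        print(row)
```

In the sample, `Signed-Releases` ranks lowest on the strength of a single scored repository, which is why `repos_scored` and `inconclusive` should sit next to the mean on any dashboard.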

@balteravishay balteravishay added the documentation Improvements or additions to documentation label Sep 17, 2024
@balteravishay balteravishay changed the title Analyse gaps and impact [docs] Analyse gaps and impact Sep 17, 2024
@balteravishay
Owner

// Package definitions, with the GitHub org/repo derived from sourceLocation
cluster("ospo").database("corporateprod").clearlyDefinedDefinitions
| project id, type, provider, namespace, name, revision, sourceLocation, projectWebsite
| extend homeLink = strcat("https://github.com/", split(sourceLocation, "/")[3], "/", split(sourceLocation, "/")[4])
| extend sourceLocationOrgName = strcat(split(sourceLocation, "/")[3], "/", split(sourceLocation, "/")[4])
// Keep only definitions whose repository is in the GitHub Repository table, public and not archived
| join kind=inner (
    cluster("1es").database("GitHub").Repository
    | project IsPrivate, Archived, FullName
  ) on $left.sourceLocationOrgName == $right.FullName
| where Archived == false
| where IsPrivate == false
// Normalise the package type name
| extend typeCapitalized = strcat(toupper(substring(type, 0, 1)), tolower(substring(type, 1)))
| extend typeCapitalized = iif(typeCapitalized == "Nuget", "NuGet", typeCapitalized)
| extend typeCapitalized = iif(typeCapitalized == "Pypi", "Pip", typeCapitalized)
| extend typeCapitalized = iif(typeCapitalized == "Gem", "RubyGems", typeCapitalized)
| extend typeCapitalized = iif(typeCapitalized == "Crate", "Cargos", typeCapitalized)
// Comparison key: "namespace/name revision -Type" (Maven uses ":" as the separator)
| extend comparisonKeyCalculated = strcat(tolower(namespace), "/", tolower(name), " ", revision, " -", typeCapitalized)
| extend comparisonKeyCalculated = iif(substring(comparisonKeyCalculated, 0, 1) == "/", substring(comparisonKeyCalculated, 1), comparisonKeyCalculated)
| extend comparisonKeyCalculated = iif(typeCapitalized == "Maven", strcat(tolower(namespace), ":", tolower(name), " ", revision, " -", typeCapitalized), comparisonKeyCalculated)
| extend comparisonKeyCalculated = iif(substring(comparisonKeyCalculated, 0, 1) == ":", substring(comparisonKeyCalculated, 1), comparisonKeyCalculated)
// NuGet packages only, one row per package/repository
| where typeCapitalized == "NuGet"
| distinct id, type, provider, namespace, name, sourceLocation, projectWebsite, homeLink, FullName, typeCapitalized


This issue has been marked stale because it has been open for 60 days with no activity.

@github-actions github-actions bot added the Stale label Nov 18, 2024