ngmi / ossf / wg-vulnerability-disclosures

ossf/wg-vulnerability-disclosures

213 stars

The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.

✓ Synced 1h ago Share on X →
README badge: [![ngmi](https://ngmi.review/badge/ossf/wg-vulnerability-disclosures.svg)](https://ngmi.review/repo/ossf/wg-vulnerability-disclosures)
72 Merged PRs
13 days Avg Merge Time
0m Fastest PR
4 months Slowest PR
#1017 Global Speed Rank

PR Size Analysis

Lines changed (additions + deletions) vs review outcomes. Re-sync to populate data for older PRs.

PRs by size
Avg review time (hrs)
Clean approval rate (%)

Top Reviewers

#1 @SecurityCRob
@SecurityCRob
27 reviews ✓ 10 approved
#2
@MarcinHoppe
12 reviews ✓ 11 approved
#3 @sethmlarson
@sethmlarson
8 reviews ✓ 1 approved
#4
@ctcpip
5 reviews ✓ 3 approved ↺ 1 blocked
#5 @bwillis
@bwillis
4 reviews ✓ 2 approved
#6 @esarafianou
@esarafianou
3 reviews ✓ 1 approved
#7
@JLLeitschuh
3 reviews
#8
@ljharb
2 reviews
#9
@jgamblin
2 reviews
#10
@david-a-wheeler
2 reviews

Recent Merged PRs

# Title Author Time Reviews Blocks
#173 🔥 dedupe content @ctcpip 5 days 1
#168 🔧 update lint configuration, clean up package.json, fix minor issues @ctcpip 1 month 1
#166 Amended CNA for OSS guide to mention CISA ADP @alilleybrinker 1 month 1
#169 Documentation updates @GeauxJD 5m 1
#160 add 2025 meeting minutes link @ctcpip 11m 0
#159 Add information about Red Hat as a Root @taladrane 7 days 3
#155 docs: fit md link formatting @sublimino 6m 1
#153 Update Outbound Vuln Disclosure Policy @JLLeitschuh 6 days 9
#150 Create Outbound_Vulnerability_Disclosure_Policy.md @JLLeitschuh 1 month 3
#148 Create Tabletop-Exercise-Framework.md @SecurityCRob 13 days 18
#149 SOSS Community Day NA 2024 @ian-barbour 42m 1
#147 Commit of the Siren FAQ from the previous working document @bbpursell1 2m 1
#146 Create SOSS Community Day NA 2024 @Danajoyluck 9m 0
#140 Add simple SECURITY.md appropriate for a WG @afmarcum 18 days 1
#139 RFC: Becoming a CNA as an Open Source organization or project @sethmlarson 1 month 17
#137 🐛 fix table @ctcpip 25m 0
#135 🚨 fix markdownlint problems, correct spelling of operations email @ctcpip 8 days 0
#134 🔧 move markdownlint config so editors will pick it up @ctcpip 18.6h 0
#130 Update README.md @epicfaace 2 days 0
#129 Crob readme @SecurityCRob 0m 0