Search / openssf/osps-baseline-to-scorecard / v0.0.0-dev-671f23f
Release · v0.0.0-dev-671f23f
openssf/osps-baseline-to-scorecard Mapping Document
openssf/osps-baseline-to-scorecard
Cross-walk from the Open Source Project Security (OSPS) Baseline controls to OpenSSF Scorecard. Each mapping asserts a "relates-to" relationship; strength, confidence-level, and rationale are left unset and should be added as the mappings are individually reviewed.
Published by OSPS Baseline Authors
Install
OCI v1.1$grcli unpack --repository openssf/osps-baseline-to-scorecard --tag v0.0.0-dev-671f23f - Coordinate
- oci.grc.store/openssf/osps-baseline-to-scorecard:v0.0.0-dev-671f23f
- Manifest digest
- sha256:6e05fe92a28cfe012ddf32147db93181b7d8f2d0d72fc95f079945d04fbd02b2
Provenance
1 layer| Digest | Media type | Size |
|---|---|---|
| d4bdd61dda54… | application/vnd.gemara.artifact.v1+yaml | 3.2 KiB |
Bundle config blob
{
"bundle-version": "1.0",
"gemara-version": "1.2.0",
"metadata": {
"provenance": {
"buildDefinition": {
"buildType": "https://grc.store/grcli/buildtype/v0",
"externalParameters": {
"artifact": {
"id": "osps-baseline-to-scorecard",
"type": "MappingDocument"
},
"target": {
"registry": "oci.grc.store",
"repository": "openssf/osps-baseline-to-scorecard",
"tag": "v0.0.0-dev-671f23f"
}
},
"internalParameters": {
"CI": "true",
"GITHUB_ACTIONS": "true",
"GITHUB_ACTOR": "eddie-knight",
"GITHUB_REF": "refs/heads/main",
"GITHUB_REPOSITORY": "eddie-knight/security-baseline",
"GITHUB_RUN_ATTEMPT": "1",
"GITHUB_RUN_ID": "26617016306",
"GITHUB_SHA": "671f23f015e4b0f6108ab8f82f0eba7f89d55dce",
"GITHUB_WORKFLOW": "Publish to grc.store",
"RUNNER_OS": "Linux"
},
"resolvedDependencies": [
{
"name": "/home/runner/work/_temp/staged/osps-to-scorecard.yaml",
"uri": "file:///home/runner/work/_temp/staged/osps-to-scorecard.yaml",
"digest": {
"sha256": "d4bdd61dda54942074554572834553dd49e0755e81a707d1478922f2c0daeb77"
}
},
{
"name": "source",
"uri": "git+https://github.com/eddie-knight/security-baseline@671f23f015e4b0f6108ab8f82f0eba7f89d55dce",
"digest": {
"gitCommit": "671f23f015e4b0f6108ab8f82f0eba7f89d55dce"
}
}
]
},
"runDetails": {
"builder": {
"id": "https://github.com/eddie-knight/security-baseline/actions/runs/26617016306",
"version": {
"go": "go1.25.0",
"go-arch": "amd64",
"go-os": "linux",
"grcli": "v0.2.2"
}
},
"metadata": {
"invocationId": "26617016306-1",
"startedOn": "2026-05-29T03:57:20.395851186Z",
"finishedOn": "2026-05-29T03:57:20.481476869Z"
},
"byproducts": [
{
"name": "osps-to-scorecard.yaml",
"digest": {
"sha256": "d4bdd61dda54942074554572834553dd49e0755e81a707d1478922f2c0daeb77"
}
}
]
}
}
},
"artifacts": [
{
"name": "osps-to-scorecard.yaml",
"type": "MappingDocument",
"id": "osps-baseline-to-scorecard",
"role": "artifact"
}
]
} Renderer not enabled
A renderer for MappingDocument is not yet supported in this UI. The artifact is published and pullable via the coordinate above.