Third Party Verification - Repo Profiler

This standalone application is intended to check the source repo for specific indicators of the health of the repo and the project it hosts, including certain best-practice checks.

As described in [Repo Profiler](https://github.com/fairpm/fair-forge/blob/main/toolbox/verification-toolchain/readme.md#5-repo-profiler):
- 2FA enabled/required
- VDP listed
- Uses dependabot & plugin check actions
- Count number of contributors in past _n_ months
- Count number of commits/releases in past _n_ months
- Repo age
- Changelog for all releases
- https enforced _e.g._, [testssl.sh](https://github.com/span/testssl.sh) or curl, _etc._ and check port 80 is closed or redirected
- Append results to fair-forge-meta per spec

Resulting output to STDOUT is fine, can be piped where we need it later. Output format should be along these lines:
- [fair-forge-meta spec](https://github.com/fairpm/fair-forge/blob/main/toolbox/fair-forge-meta.md)
- [package-meta](https://github.com/fairpm/fair-forge/blob/main/toolbox/package-meta.md)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Third Party Verification - Repo Profiler #23

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Third Party Verification - Repo Profiler #23

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions