Skip to content

linagora/qsos-lng

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
.claude
.claude
 
 
.github/workflows
.github/workflows
 
 
common
common
 
 
community
community
 
 
configs
configs
 
 
metadata
metadata
 
 
pkg
pkg
 
 
security
security
 
 
tech
tech
 
 
.gitignore
.gitignore
 
 
AGENTS.md
AGENTS.md
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

QSOS::LNG

Overview

QSOS::LNG analyzes Open-Source projects by collecting and scoring metrics from multiple sources:

  • GitHub API: Repository metadata, commit history, stars, and contributor activity
  • Tokei + Lizard: Code quality metrics (Tokei for fast line counting, Lizard for cyclomatic complexity)
  • OpenSSF Scorecard: Security best practices and vulnerability checks

The tool computes normalized scores across three main categories:

  1. Community: Maturity, activity, popularity, contributor engagement, and documentation quality
  2. Technical Quality: Code size and cyclomatic complexity (percentage of high-complexity functions)
  3. Security: Weighted scorecard checks for security best practices

Usage

  1. Create a personal access token for the GitHub API
  2. Configure with env variables:
    • DATABASE_URL for the PostgreSQL database connection string (e.g., postgres://user:password@localhost:5432/dbname)
    • GITHUB_TOKEN for the GitHub API token
    • AI_API_KEY for the AI API key (used for generating summaries)
    • AI_BASE_URL (optional) for a custom AI API base URL
    • AI_MODEL (optional) for specifying a particular AI model
  3. Run go run . analyze minio/minio

GitHub Actions Workflow

A workflow is available at .github/workflows/analyze.yml that can be triggered manually to analyze any project.

Required Secrets:

Configure these in your repository settings (Settings → Secrets and variables → Actions):

  • ANALYSIS_GITHUB_TOKEN - A Personal Access Token with public_repo scope (or repo for private repos)
    • Required for analyzing external repositories
    • The default GITHUB_TOKEN has insufficient permissions for OpenSSF Scorecard checks on external repositories
    • Create one at https://github.com/settings/tokens
  • AI_API_KEY - Your AI API key for generating summaries
  • AI_BASE_URL (optional) - Custom AI API URL
  • AI_MODEL (optional) - Specific AI model name

To run the workflow:

  1. Go to the Actions tab in your GitHub repository: https://github.com/linagora/qsos-lng/actions/workflows/analyze.yml
  2. Select "Analyze Project" workflow
  3. Click "Run workflow"
  4. Enter the project to analyze (e.g., minio/minio)
  5. View results in the workflow log

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages