David A. Wheeler's repositories
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
spdx-tutorial
A brief tutorial on how to use Software Package Data Exchange (SPDX)
railroader
A static analysis security vulnerability scanner for Ruby on Rails applications (OSS fork of Brakeman)
mmverify.py
Metamath verifier in Python
make-booster
Utility routines to simplify using GNU make and Python
make-audit
Easy-to-use tool for auditing Makefiles for errors
david-a-wheeler.github.io
Personal website contents
metamath-test
Test metamath verification implementations
oss-vulnerability-guide
A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.
plot-stars
Plot nearby stars, e.g., for Project Hail Mary
security-reviews
A community collection of security reviews of open source software components.
wg-digital-identity-attestation
Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the code they maintain, produce and use.
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
cosign
Container Signing
docs
The open-source repo for docs.github.com
extensions
Inform 7 extensions -- some may be ready for public use, others may be barely working experiments. Enjoy!
forallx-yyc
UCalgary version of forallx, an introduction to formal logic
fulcio
Sigstore OIDC PKI
OSSGadget
Collection of tools for analyzing open source packages.
rekor
Software Supply Chain Transparency Log
scorecard-action
Official GitHub Action for OpenSSF Scorecard.
sigstore-python
A codesigning tool for Python packages
wg-best-practices-os-developers
OSSF Working group: secure code best practices for open source developers
wg-securing-critical-projects
Helping allocate resources to secure the critical open source projects we all depend on.
www-dwheeler-com
Repository representing alias www.dwheeler.com, NOT main dwheeler.com site