david-a-wheeler

followers

following

stars

Linux Foundation

https://dwheeler.com

@drdavidawheeler

Organizations

Conservatory

metamath

slsa-framework

David A. Wheeler's repositories

flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code

Language:PythonGPL-2.0473 17 62

spdx-tutorial

A brief tutorial on how to use Software Package Data Exchange (SPDX)

railroader

A static analysis security vulnerability scanner for Ruby on Rails applications (OSS fork of Brakeman)

Language:RubyMIT47 7 9

mmverify.py

Metamath verifier in Python

Language:PythonMIT35 6 8

make-booster

Utility routines to simplify using GNU make and Python

Language:MakefileMIT8 20

make-audit

Easy-to-use tool for auditing Makefiles for errors

Language:PythonMIT4 10

david-a-wheeler.github.io

Personal website contents

Language:HTML3 3 2

metamath-test

Test metamath verification implementations

Language:Objective-C++MIT3 4 2

oss-vulnerability-guide

A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.

CC-BY-4.01 10

plot-stars

Plot nearby stars, e.g., for Project Hail Mary

Language:PythonGPL-2.01 20

security-reviews

A community collection of security reviews of open source software components.

Language:Python100

wg-digital-identity-attestation

Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the code they maintain, produce and use.

Apache-2.01 10

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Language:PythonNOASSERTION000

cosign

Container Signing

Language:GoApache-2.0000

docs

The open-source repo for docs.github.com

Language:JavaScriptCC-BY-4.0000

extensions

Inform 7 extensions -- some may be ready for public use, others may be barely working experiments. Enjoy!

Language:Inform 7NOASSERTION000

forallx-yyc

UCalgary version of forallx, an introduction to formal logic

Language:TeXCC-BY-4.0000

fulcio

Sigstore OIDC PKI

Language:GoApache-2.0000

metamath-lamp

Language:ReScriptMIT000

omega-triage-portal

Language:PythonMIT000

OSSGadget

Collection of tools for analyzing open source packages.

Language:C#MIT000

rekor

Software Supply Chain Transparency Log

Language:GoApache-2.0000

scorecard

Security Scorecards - Security health metrics for Open Source

Language:GoApache-2.0010

scorecard-action

Official GitHub Action for OpenSSF Scorecard.

Language:GoApache-2.0000

sigstore-python

A codesigning tool for Python packages

Language:PythonNOASSERTION000

spdx-3-model

NOASSERTION000

temporary

010

wg-best-practices-os-developers

OSSF Working group: secure code best practices for open source developers

Language:JavaScript010

wg-securing-critical-projects

Helping allocate resources to secure the critical open source projects we all depend on.

Apache-2.0010

www-dwheeler-com

Repository representing alias www.dwheeler.com, NOT main dwheeler.com site

010