github/advisory-database: Grade F (40/100)

/ 100

2,336CC-BY-4.01d ago

Real traction, but rough engineering makes it hard for contributors to trust.

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Documentation

1 checks need work

Install and run instructions9pt

No install instructions found in the README (−45 pts).

→ Add a section showing how to install dependencies.

Contributing guide5pt

Contributing guide is detailed and thorough.

README12pt

This repository is large enough that GitHub truncated the file tree. The scan is based on a partial file list, so some checks may under-report.

License6pt

100

Licensed under CC-BY-4.0.

Engineering

5 checks need work

Tests18pt

No tests detected anywhere in the repository.

→ Add automated tests. They prove the code works and give contributors confidence to make changes.

Linting and formatting5pt

No linter or formatter config found.

→ Add a linter config such as .eslintrc.json, .prettierrc, ruff.toml, or .golangci.yml to enforce consistent code style.

Reproducibility6pt

No dependency lockfile found (−70 pts).

→ Commit the lockfile for this project's package manager so installs produce the same dependency versions everywhere.

Issue and PR templates6pt

No issue or PR templates found (−100 pts).

→ Add .github/ISSUE_TEMPLATE/ with bug_report.md and feature_request.md to guide contributors. It dramatically improves issue quality.

CI/CD14pt

CI is configured (.github/workflows/create_staging_branch.yaml).

Project health

3 checks need work

Dependency manifest6pt

No dependency manifest detected at root.

→ Add a manifest (package.json, pyproject.toml, Cargo.toml, go.mod, etc.) so others can install dependencies in one command.

Housekeeping3pt

No .gitignore found (−60 pts).

→ Add a .gitignore to keep build output, node_modules, and secrets out of version control.

Repository metadata5pt

Repository has a description.

Activity5pt

100

Actively maintained (pushed within the last month).

Repository health signals

Activity, community, and responsiveness at scan time

Activity

—
Commits (30d / 90d)
645
Forks
0
Releases

Community

—
Community health
—
authors own >50% of commits
2,336
Watchers

Responsiveness

16h
Median issue response
1d 17h
Median PR merge time
330
Open issues

Repository files7 root entries

.github
Good: CI is configured (.github/workflows/create_staging_branch.yaml).
advisories
CODE_OF_CONDUCT.md
Good: Code of conduct present.
CONTRIBUTING.md
Good: Contributing guide is detailed and thorough.
Issue: Contributing guide lacks a setup section (−12 pts).Fix: Show new contributors how to get a local dev environment running.
Issue: Contributing guide lacks a code style section (−8 pts).Fix: Describe your linting/formatting rules and how to run them.
Issue: Contributing guide lacks a testing section (−8 pts).Fix: Show contributors how to run the test suite (e.g. npm test, pytest, cargo test).
Good: Contributing guide describes the PR/review workflow.
Issue: Contributing guide has no code examples (−5 pts).Fix: Add code blocks showing example commands for setup, running tests, and submitting a PR.
LICENSE.md
Good: Licensed under CC-BY-4.0.
README.md
Good: README is present.
Good: README is well structured with multiple sections.
Good: README includes screenshots or visuals. Great for first impressions.
Issue: README has no code examples (−15 pts).Fix: Show a quick-start snippet so contributors can see what using your project looks like.
Good: README links to a live demo or deployed app.
Issue: No status badges in the README (−10 pts).Fix: Add CI/build status badges from shields.io or your CI provider to signal project health.
Issue: No install instructions found in the README (−45 pts).Fix: Add a section showing how to install dependencies.
Good: README documents how to run the project.
SECURITY.md
Good: Security policy present.