Gives criticality score for an open source project

Overview

Open Source Project Criticality Score (Beta)

This project is maintained by members of the Securing Critical Projects WG.

Goals

  1. Generate a criticality score for every open source project.

  2. Create a list of critical projects that the open source community depends on.

  3. Use this data to proactively improve the security posture of these critical projects.

Criticality Score

A project's criticality score defines the influence and importance of a project. It is a number between 0 (least-critical) and 1 (most-critical). It is based on the following algorithm by Rob Pike:

We use the following parameters to derive the criticality score for an open source project:

Parameter (Si) Weight (αi) Max threshold (Ti) Description Reasoning
created_since 1 120 Time since the project was created (in months) Older project has higher chance of being widely used or being dependent upon.
updated_since -1 120 Time since the project was last updated (in months) Unmaintained projects with no recent commits have higher chance of being less relied upon.
contributor_count 2 5000 Count of project contributors (with commits) Different contributors involvement indicates project's importance.
org_count 1 10 Count of distinct organizations that contributors belong to Indicates cross-organization dependency.
commit_frequency 1 1000 Average number of commits per week in the last year Higher code churn has slight indication of project's importance. Also, higher susceptibility to vulnerabilities.
recent_releases_count 0.5 26 Number of releases in the last year Frequent releases indicates user dependency. Lower weight since this is not always used.
closed_issues_count 0.5 5000 Number of issues closed in the last 90 days Indicates high contributor involvement and focus on closing user issues. Lower weight since it is dependent on project contributors.
updated_issues_count 0.5 5000 Number of issues updated in the last 90 days Indicates high contributor involvement. Lower weight since it is dependent on project contributors.
comment_frequency 1 15 Average number of comments per issue in the last 90 days Indicates high user activity and dependence.
dependents_count 2 500000 Number of project mentions in the commit messages Indicates repository use, usually in version rolls. This parameter works across all languages, including C/C++ that don't have package dependency graphs (though hack-ish). Plan to add package dependency trees in the near future.

NOTE:

  • We are looking for community ideas to improve upon these parameters.
  • There will always be exceptions to the individual reasoning rules.

Usage

The program only requires one argument to run, the name of the repo:

$ pip3 install criticality-score

$ criticality_score --repo github.com/kubernetes/kubernetes
name: kubernetes
url: https://github.com/kubernetes/kubernetes
language: Go
description: Production-Grade Container Scheduling and Management
created_since: 87
updated_since: 0
contributor_count: 3999
watchers_count: 79583
org_count: 5
commit_frequency: 97.2
recent_releases_count: 70
updated_issues_count: 5395
closed_issues_count: 3062
comment_frequency: 5.5
dependents_count: 454393
criticality_score: 0.99107

You can add your own parameters to the criticality score calculation. For example, you can add internal project usage data to re-adjust the project's criticality score for your prioritization needs. This can be done by adding the --params : : ... argument on the command line.

Authentication

Before running criticality score, you need to:

# For posix platforms, e.g. linux, mac:
export GITHUB_AUTH_TOKEN=<your access token>

# For windows:
set GITHUB_AUTH_TOKEN=<your access token>
  • For GitLab repos, you need to create a GitLab access token and set it in environment variable GITLAB_AUTH_TOKEN. This helps to avoid the GitLab's api limitations for unauthenticated users.
# For posix platforms, e.g. linux, mac:
export GITLAB_AUTH_TOKEN=<your access token>

# For windows:
set GITLAB_AUTH_TOKEN=<your access token>

Formatting Results

There are three formats currently: default, json, and csv. Others may be added in the future.

These may be specified with the --format flag.

Public Data

If you're only interested in seeing a list of critical projects with their criticality score, we publish them in csv format.

This data is available on Google Cloud Storage and can be downloaded via the gsutil command-line tool or the web browser here.

NOTE: Currently, these lists are derived from projects hosted on GitHub ONLY. We do plan to expand them in near future to account for projects hosted on other source control systems.

$ gsutil ls gs://ossf-criticality-score/*.csv
gs://ossf-criticality-score/c_top_200.csv
gs://ossf-criticality-score/cplusplus_top_200.csv
gs://ossf-criticality-score/csharp_top_200.csv
gs://ossf-criticality-score/go_top_200.csv
gs://ossf-criticality-score/java_top_200.csv
gs://ossf-criticality-score/js_top_200.csv
gs://ossf-criticality-score/php_top_200.csv
gs://ossf-criticality-score/python_top_200.csv
gs://ossf-criticality-score/ruby_top_200.csv
gs://ossf-criticality-score/rust_top_200.csv
gs://ossf-criticality-score/shell_top_200.csv

This data is generated using this generator script. For example, to generate a list of top 200 C language projects, run:

$ pip3 install python-gitlab PyGithub
$ python3 -u -m criticality_score.generate \
    --language c --count 200 --sample-size 5000 --output-dir output

We have also aggregated the results over 100K repositories in GitHub (language-independent) and are available for download here.

Contributing

If you want to get involved or have ideas you'd like to chat about, we discuss this project in the Securing Critical Projects WG meetings.

See the Community Calendar for the schedule and meeting invitations.

See the Contributing documentation for guidance on how to contribute.

Comments
  • GeoTools not showing in top 200 for java projects, run criticality score on larger sample set

    GeoTools not showing in top 200 for java projects, run criticality score on larger sample set

    I looked at the top 200 Java projects, out of curiosity, to see if any of the projects I'm working on, like GeoTools, is included in the list. It was not, which is not an issue per se, but then I've computed the criticality score from command line, getting this:

    criticality_score --repo "https://github.com/geotools/geotools"
    name: geotools
    url: https://github.com/geotools/geotools
    language: Java
    created_since: 111
    updated_since: 0
    contributor_count: 315
    org_count: 6
    commit_frequency: 9.7
    recent_releases_count: 16
    closed_issues_count: 150
    updated_issues_count: 161
    comment_frequency: 1.0
    dependents_count: 337
    criticality_score: 0.66477
    

    The score alone would place the project at around position 100 of the top 200 projects. Since it's a no show, I'm wondering if there is any other criteria used to include/exclude projects, besides the pure score?

    opened by aaime 12
  • Use project first commit date for created_since, instead of github project creation date

    Use project first commit date for created_since, instead of github project creation date

    For many projects the github creation date might not match the project creation date.

    Would it be better to look at the date of the oldest commit in the repository?

    For example, for OpenSSL the computed creation_since value is 95 months, as the date of creation of a github mirror (2013-01-15T22:34:48Z), but the project is almost 22 years old (the first commit in the master branch dates back to 1998-12-21T10:52:45+00:00)!

    The cap for the field is 10 years anyway, so it's not that bad, but still it is one parameter in the equation that might be adjusted.

    Edit: this also affects other fields (e.g. recent_releases) when they are computed based on estimates based on the time since creation.

    Thoughts?

    priority 
    opened by romen 7
  • What is dependents_count parameter, looks suspect ?

    What is dependents_count parameter, looks suspect ?

    I asked for the criticality info on several projects in my industry's ecosystem, and the dependents_count really confuses me and makes me suspicious about how it's computed. Some of the projects I checked are hard dependencies of others, so if transitive dependencies are being properly tracked, the former should always have higher dependents_count than the latter, no? But this is not the case.

    One project that I run is very specialized and is of no use to casual small projects, only making sense as an embedded component of a large open source or commercial app. So while certainly very important in my industry and having a large number of end users touch those things in which it is embedded, I expect it to have a tiny number of directly downstream projects. Yet it has an absurdly, implausibly high dependents_count. Other projects I checked on that I know are directly used by orders of magnitude more projects, have implausibly low dependents_count.

    Is there some kind of verbose mode that prints details that would give us more information about how these scores are computed? Like, more insight into why it thinks a project has few or many dependent projects?

    I should mention that these are C++ projects, so perhaps the means by which dependencies are tracked is very flawed compared to a python (say) which may have a requirements.txt. How is it computed for C++? Has anybody considered promoting a GitHub convention of having a particularly named file serve as a manifest for what other projects a code base is dependent on? (Informationally only, since no C++ build system cares about such things.)

    question+answer 
    opened by lgritz 6
  • Maven and Gradle not in the Top 2000 java list

    Maven and Gradle not in the Top 2000 java list

    Hi,

    I just saw that the Maven and Gradle projects are less important that 2000 java projects where they are used in as a build tool. Maybe due to the fact that they:

    • are not a declared dependency
    • https://github.com/ossf/criticality_score/issues/14
    • https://github.com/ossf/criticality_score/issues/23
    • external issue tracker
    • All the parts (pluggable, not a dependency!) are split into many repositories
    • Mosten downloaded via maven.org, sdkman, package systems, etc

    Probably the same for other languages and build-tools, but haven’t checked.

    opened by bmarwell 6
  • Installation does not work as described in README

    Installation does not work as described in README

    I get:

    $ pip3 install criticality-score
    Collecting criticality-score
      Could not find a version that satisfies the requirement criticality-score (from versions: )
    No matching distribution found for criticality-score
    
    opened by sschuberth 6
  • Add Watchers/Description Metrics

    Add Watchers/Description Metrics

    I wanted to submit a suggestion to include GitHub Watchers (to help assess popularity) and the GitHub Description (to clarify the project's overall goal). I am currently helping contribute to OSSF's Security Metrics project, in which we are retrieving several of the GitHub metrics covered in this project (but also need to analyze the two mentioned above to help with our overall security assessment). If these can be included via the pull request I have submitted that would be extremely helpful. Thank you!

    opened by dilanbhalla 5
  • Handle empty repo case

    Handle empty repo case

    When I was running the script, I bumped into these repos that they fall into the filter due to high number of stars but they're actually empty and the script throws an exception: https://github.com/fossasia/libregraphics.asia https://github.com/libredesktop/libredesktop-events https://github.com/libredesktop/libredesktop-project-list https://github.com/libredesktop/LibreDesktop-Specs https://github.com/meilix/arch-meilix https://github.com/meilix/deb-meilix https://github.com/meilix/meilix-addons https://github.com/meilix/meilix-art https://github.com/meilix/meilix-connect https://github.com/meilix/meilix-web https://github.com/susiai/susi_partners https://github.com/susiai/susi_sdk https://github.com/ascoders/blog https://github.com/bigdongdongCLUB/newGCP https://github.com/koush/support-wiki https://github.com/mariobehling/ai-packages https://github.com/mariobehling/mb-sandbox https://github.com/meilix/meilix-docs https://github.com/paulirish/devtools-addons https://github.com/QingDaoIT/BlackList https://github.com/zhengzhouqiuzhi/zhengzhouqiuzhi

    To handle it, for GitLab, checking the commits length was enough:

    if len(repo.commits.list()) == 0:
    

    For GitHub, I couldn't find any proper way to understand whether the repo is empty. When we call "get_commits().totalCount", it already throws an exception. What I did is to force it to throw the exception by assigning "totalCount" to an unused variable (I could do it by printing the value as well?). Not an ideal solution, so let me know what you think.

    try:
    	repo = get_github_auth_token().get_repo(repo_url)
    	# Validate whether repo is empty; if it's empty, calling totalCount throws a 409 exception
    	total_commits = repo.get_commits().totalCount
    except github.GithubException as exp:
    	if exp.status == 404 or exp.status == 409:
    		return None
    return GitHubRepository(repo)
    

    Another remark is that we're spending one more request from our rate limit when calling "get_commits()" to make this validation. I only tested this for GitHub, but I'm assuming it's the same for GitLab as well.

    Alternatively, we can make all these calls before initializing the repo, do the validations, and pass them to repo object as arguments? This would also help us reducing the number of call to the API, but making these changes would take some time.

    To be able to test my changes, I created empty repos on both GitHub & GitLab btw: https://github.com/coni2k/empty-repo https://gitlab.com/coni2k/empty-repo

    Last, I also added this bit to "generate" script. Otherwise it fails when there are no processed repos:

    if len(stats) == 0:
        return
    
    opened by coni2k 5
  • Adds repolist command line parameter

    Adds repolist command line parameter

    The new --repolist parameter takes the name of a file containing a list of repositories to score.

    usage: run.py [-h] (--repo REPO | --repolist REPOLIST | --local-file L_FILE) [--format {default,csv,json}] [--params PARAMS [PARAMS ...]]

    Gives criticality score for an open source project or a list of projects.

    optional arguments: -h, --help show this help message and exit --repo REPO repository url --repolist REPOLIST listfile of repository urls --local-file L_FILE path of a local csv file with repo stats --format {default,csv,json} output format. allowed values are [default, csv, json] --params PARAMS [PARAMS ...] Additional parameters in form ::<max_threshold>

    This at least partially addresses Issue #97

    Signed-off-by: Arnaud J Le Hors [email protected]

    opened by lehors 4
  • why apache/spark isn't in Java top 200 public data?

    why apache/spark isn't in Java top 200 public data?

    Spark has much higher score than ElasticSearch and Beam, Spark is missing but ElasticSearch and Beam are there, why?

    apache/spark:

    $ criticality_score --repo github.com/apache/spark
    name: spark
    url: https://github.com/apache/spark
    language: Scala
    created_since: 83
    updated_since: 0
    contributor_count: 2374
    org_count: 4
    commit_frequency: 53.8
    recent_releases_count: 20
    closed_issues_count: 1252
    updated_issues_count: 1456
    comment_frequency: 12.1
    dependents_count: 396346
    criticality_score: 0.96476
    

    elastic/elasticsearch:

    $ criticality_score --repo github.com/elastic/elasticsearch
    name: elasticsearch
    url: https://github.com/elastic/elasticsearch
    language: Java
    created_since: 132
    updated_since: 0
    contributor_count: 1709
    org_count: 3
    commit_frequency: 127.1
    recent_releases_count: 21
    closed_issues_count: 7966
    updated_issues_count: 9234
    comment_frequency: 1.0
    dependents_count: 95320
    criticality_score: 0.88175
    

    apache/beam:

    $ criticality_score --repo github.com/apache/beam
    name: beam
    url: https://github.com/apache/beam
    language: Java
    created_since: 59
    updated_since: 0
    contributor_count: 980
    org_count: 7
    commit_frequency: 67.1
    recent_releases_count: 7
    closed_issues_count: 725
    updated_issues_count: 826
    comment_frequency: 4.3
    dependents_count: 11397
    criticality_score: 0.8319
    
    opened by Dieken 4
  • How are the top 200 lists computed?

    How are the top 200 lists computed?

    I am directly responsible for two open source projects. I was shocked to see that one is on your "top 200" list of C++ projects. The other project has been around longer, has more contributors, more PRs, surely has an order of magnitude more downstream users, and in fact has a much higher criticality score. But it's not on the list. I can't quite figure out what the top 200 would be measuring (I would think the 200 projects with the very highest criticality score itself? But apparently not?) for the first project to show up on the list but not the other.

    Can you give any insight about WHAT is being ranked in your "top" lists?

    opened by lgritz 4
  • Language implementation is less critical than language project generator, create list for TypeScript projects inside JS list.

    Language implementation is less critical than language project generator, create list for TypeScript projects inside JS list.

    tsdx, a TypeScript project generator, appears in the top 200 list for JavaScript packages; however, TypeScript itself does not. That seems somewhat counterintuitive.

    opened by DanielRosenwasser 4
  • Bump cloud.google.com/go/bigquery from 1.43.0 to 1.45.0

    Bump cloud.google.com/go/bigquery from 1.43.0 to 1.45.0

    Bumps cloud.google.com/go/bigquery from 1.43.0 to 1.45.0.

    Release notes

    Sourced from cloud.google.com/go/bigquery's releases.

    bigquery: v1.45.0

    1.45.0 (2023-01-05)

    Features

    • bigquery/datapolicies: Start generating apiv1 (#7204) (fd71cba)
    • bigquery/datatransfer: Add location methods (06a54a1)
    • bigquery: Add REST client (06a54a1)
    • bigquery: Rewrite signatures and type in terms of new location (620e6d8)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 0
  • Bump actions/checkout from 3.1.0 to 3.3.0

    Bump actions/checkout from 3.1.0 to 3.3.0

    Bumps actions/checkout from 3.1.0 to 3.3.0.

    Release notes

    Sourced from actions/checkout's releases.

    v3.3.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.2.0...v3.3.0

    v3.2.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.1.0...v3.2.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump google.golang.org/api from 0.102.0 to 0.106.0

    Bump google.golang.org/api from 0.102.0 to 0.106.0

    Bumps google.golang.org/api from 0.102.0 to 0.106.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.106.0

    0.106.0 (2023-01-04)

    Features

    • all: Auto-regenerate discovery clients (#1784) (a7f08e2)
    • all: Auto-regenerate discovery clients (#1788) (9fb35f5)
    • all: Auto-regenerate discovery clients (#1790) (7bd17b3)
    • all: Auto-regenerate discovery clients (#1794) (3944e86)
    • idtoken: Add support for impersonated_service_account creds type (#1792) (f6dec99), refs #873
    • option/internaloption: Add new EmbeddableAdapter option (#1787) (1569e5b)

    Bug Fixes

    • idtoken: Configure validator constructor to use no authentication (#1789) (b35900a), refs #1682

    v0.105.0

    0.105.0 (2022-12-14)

    Features

    • all: Auto-regenerate discovery clients (#1773) (37a2e41)
    • all: Auto-regenerate discovery clients (#1777) (5b02761)
    • googleapi: Add response headers to Error reported by CheckMediaResponse (#1781) (e4271df)
    • Support set null map entries for non-simple map values (#1782) (c58bf4c)

    v0.104.0

    0.104.0 (2022-12-07)

    Features

    Bug Fixes

    • idtoken: Increase MaxIdleConnsPerHost to 100 in NewClient (#1754) (629e217), refs #1744

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.106.0 (2023-01-04)

    Features

    • all: Auto-regenerate discovery clients (#1784) (a7f08e2)
    • all: Auto-regenerate discovery clients (#1788) (9fb35f5)
    • all: Auto-regenerate discovery clients (#1790) (7bd17b3)
    • all: Auto-regenerate discovery clients (#1794) (3944e86)
    • idtoken: Add support for impersonated_service_account creds type (#1792) (f6dec99), refs #873
    • option/internaloption: Add new EmbeddableAdapter option (#1787) (1569e5b)

    Bug Fixes

    • idtoken: Configure validator constructor to use no authentication (#1789) (b35900a), refs #1682

    0.105.0 (2022-12-14)

    Features

    • all: Auto-regenerate discovery clients (#1773) (37a2e41)
    • all: Auto-regenerate discovery clients (#1777) (5b02761)
    • googleapi: Add response headers to Error reported by CheckMediaResponse (#1781) (e4271df)
    • Support set null map entries for non-simple map values (#1782) (c58bf4c)

    0.104.0 (2022-12-07)

    Features

    Bug Fixes

    • idtoken: Increase MaxIdleConnsPerHost to 100 in NewClient (#1754) (629e217), refs #1744
    • transport/grpc: Separate resolution of creds and certs (#1759) (c213153)

    ... (truncated)

    Commits
    • ac7eb8f chore(main): release 0.106.0 (#1786)
    • 3944e86 feat(all): auto-regenerate discovery clients (#1794)
    • f6dec99 feat(idtoken): add support for impersonated_service_account creds type (#1792)
    • ddb5c65 test: add buffer to both sides of token expiry validation (#1797)
    • b35900a fix(idtoken): configure validator constructor to use no authentication (#1789)
    • ca86833 chore(all): update all (#1796)
    • a6b0739 chore: skip generating integrations:v1 as it fails generation (#1793)
    • 7bd17b3 feat(all): auto-regenerate discovery clients (#1790)
    • 9fb35f5 feat(all): auto-regenerate discovery clients (#1788)
    • 1569e5b feat(option/internaloption): add new EmbeddableAdapter option (#1787)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 0
  • Fixed issue GO-2022-1144

    Fixed issue GO-2022-1144

    • Fixed issue https://deps.dev/advisory/osv/GO-2022-1144

    https://deps.dev/go/github.com%2Fossf%2Fcriticality_score

    image

    Signed-off-by: nathannaveen [email protected]

    opened by nathannaveen 0
  • Publish Docker Images to ghcr.io

    Publish Docker Images to ghcr.io

    • Published the docker images to ghcr.io
    • Here is an example: https://github.com/nathannaveen?tab=packages&repo_name=criticality_score, https://github.com/nathannaveen/criticality_score/actions/runs/3810049085
    • After https://github.com/ossf/criticality_score/pull/293 gets merged in, I will include docker images for scorer.

    Signed-off-by: nathannaveen [email protected]

    opened by nathannaveen 0
Releases(v1.0.7)
Owner
Open Source Security Foundation (OpenSSF)
Open Source Security Foundation (OpenSSF)
A NetBox Plugin that gives a UI for generating, comparing and deploying configurations to devices.

netbox_config_plugin - A plugin to generate, compare and deploy configurations This plugin allows you to execute your code to generate a config for a

Jo 11 Dec 21, 2022
This tool helps you to reverse any regex and gives you the opposite/allowed Letters,numerics and symbols.

Regex-Reverser This tool helps you to reverse any regex and gives you the opposite/allowed Letters,numerics and symbols. Screenshots Usage/Examples py

x19 0 Jun 2, 2022
Gives you more advanced math in python.

AdvancedPythonMath Gives you more advanced math in python. Functions .simplex(args: {number}) .circ(args: {raidus}) .pytha(args: {leg_a + leg_2}) .slo

Voidy Devleoper 1 Dec 25, 2021
A small Python library which gives you the IEEE-754 representation of a floating point number.

ieee754 ieee754 is small Python library which gives you the IEEE-754 representation of a floating point number. You can specify a precision given in t

Bora Canbula 5 Dec 20, 2022
Stopmagic gives you the power of creating amazing Stop Motion animations faster and easier than ever before.

Stopmagic gives you the power of creating amazing Stop Motion animations faster and easier than ever before. This project is maintained by Aldrin Mathew.

Aldrin's Art Factory 67 Dec 31, 2022
null 1 May 12, 2022
Ultimate Score Server for RealistikOsu

USSR Ultimate Score Server for RealistikOsu (well not just us but it makes the acronym work.) Also I wonder how long this name will last. What is this

RealistikOsu! 15 Dec 14, 2022
This alerts you when the avalanche score a goal

This alerts you when the avalanche score a goal

Davis Burrill 1 Jan 15, 2022
chiarose(XCR) based on chia(XCH) source code fork, open source public chain

chia-rosechain 一个无耻的小活动 | A shameless little event 如果您喜欢这个项目,请点击star 将赠送您520朵玫瑰,可以去 facebook 留下您的(xcr)地址,和github用户名。 If you like this project, please

ddou123 376 Dec 14, 2022
Source-o-grapher is a tool built with the aim to investigate software resilience aspects of Open Source Software (OSS) projects.

Source-o-grapher is a tool built with the aim to investigate software resilience aspects of Open Source Software (OSS) projects.

Aristotle University 5 Jun 28, 2022
An open-source Python project series where beginners can contribute and practice coding.

Python Mini Projects A collection of easy Python small projects to help you improve your programming skills. Table Of Contents Aim Of The Project Cont

Leah Nguyen 491 Jan 4, 2023
Open source style Deep Dream project

DeepDream ⚠️ If you don't have a gpu with cuda, the style transfer execution time will be much longer Prerequisites Python >=3.8.10 How to Install sud

Patrick martins de lima 7 May 17, 2022
This Open-Source project is great for sensor capture and storage solutions.

Phase 1 This project helps developers in the creation of extended realities that communicate with Arduino and require the security of blockchain stora

Wolfberry, LLC 10 Dec 28, 2022
A free and open-source chess improvement app that combines the power of Lichess and Anki.

A free and open-source chess improvement app that combines the power of Lichess and Anki. Chessli Project Activity & Issue Tracking PyPI Build & Healt

null 93 Nov 23, 2022
🏆 A ranked list of awesome Python open-source libraries and tools. Updated weekly.

Best-of Python ?? A ranked list of awesome Python open-source libraries & tools. Updated weekly. This curated list contains 230 awesome open-source pr

Machine Learning Tooling 2.7k Jan 3, 2023
TickerRain is an open-source web app that stores and analysis Reddit posts in a transparent and semi-interactive manner.

TickerRain is an open-source web app that stores and analysis Reddit posts in a transparent and semi-interactive manner

GonVas 180 Oct 8, 2022
Open source home automation that puts local control and privacy first

Home Assistant Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiast

Home Assistant 57k Jan 2, 2023
Nimbus - Open Source Cloud Computing Software - 100% Apache2 licensed

⚠️ The Nimbus infrastructure project is no longer under development. ⚠️ For more information, please read the news announcement. If you are interested

Nimbus 194 Jun 30, 2022
World's best free and open source ERP.

World's best free and open source ERP.

Frappe 12.5k Jan 7, 2023