Gives criticality score for an open source project

Overview

Open Source Project Criticality Score (Beta)

This project is maintained by members of the Securing Critical Projects WG.

Goals

  1. Generate a criticality score for every open source project.

  2. Create a list of critical projects that the open source community depends on.

  3. Use this data to proactively improve the security posture of these critical projects.

Criticality Score

A project's criticality score defines the influence and importance of a project. It is a number between 0 (least-critical) and 1 (most-critical). It is based on the following algorithm by Rob Pike:

We use the following parameters to derive the criticality score for an open source project:

Parameter (Si) Weight (αi) Max threshold (Ti) Description Reasoning
created_since 1 120 Time since the project was created (in months) Older project has higher chance of being widely used or being dependent upon.
updated_since -1 120 Time since the project was last updated (in months) Unmaintained projects with no recent commits have higher chance of being less relied upon.
contributor_count 2 5000 Count of project contributors (with commits) Different contributors involvement indicates project's importance.
org_count 1 10 Count of distinct organizations that contributors belong to Indicates cross-organization dependency.
commit_frequency 1 1000 Average number of commits per week in the last year Higher code churn has slight indication of project's importance. Also, higher susceptibility to vulnerabilities.
recent_releases_count 0.5 26 Number of releases in the last year Frequent releases indicates user dependency. Lower weight since this is not always used.
closed_issues_count 0.5 5000 Number of issues closed in the last 90 days Indicates high contributor involvement and focus on closing user issues. Lower weight since it is dependent on project contributors.
updated_issues_count 0.5 5000 Number of issues updated in the last 90 days Indicates high contributor involvement. Lower weight since it is dependent on project contributors.
comment_frequency 1 15 Average number of comments per issue in the last 90 days Indicates high user activity and dependence.
dependents_count 2 500000 Number of project mentions in the commit messages Indicates repository use, usually in version rolls. This parameter works across all languages, including C/C++ that don't have package dependency graphs (though hack-ish). Plan to add package dependency trees in the near future.

NOTE:

  • We are looking for community ideas to improve upon these parameters.
  • There will always be exceptions to the individual reasoning rules.

Usage

The program only requires one argument to run, the name of the repo:

$ pip3 install criticality-score

$ criticality_score --repo github.com/kubernetes/kubernetes
name: kubernetes
url: https://github.com/kubernetes/kubernetes
language: Go
description: Production-Grade Container Scheduling and Management
created_since: 87
updated_since: 0
contributor_count: 3999
watchers_count: 79583
org_count: 5
commit_frequency: 97.2
recent_releases_count: 70
updated_issues_count: 5395
closed_issues_count: 3062
comment_frequency: 5.5
dependents_count: 454393
criticality_score: 0.99107

You can add your own parameters to the criticality score calculation. For example, you can add internal project usage data to re-adjust the project's criticality score for your prioritization needs. This can be done by adding the --params : : ... argument on the command line.

Authentication

Before running criticality score, you need to:

# For posix platforms, e.g. linux, mac:
export GITHUB_AUTH_TOKEN=<your access token>

# For windows:
set GITHUB_AUTH_TOKEN=<your access token>
  • For GitLab repos, you need to create a GitLab access token and set it in environment variable GITLAB_AUTH_TOKEN. This helps to avoid the GitLab's api limitations for unauthenticated users.
# For posix platforms, e.g. linux, mac:
export GITLAB_AUTH_TOKEN=<your access token>

# For windows:
set GITLAB_AUTH_TOKEN=<your access token>

Formatting Results

There are three formats currently: default, json, and csv. Others may be added in the future.

These may be specified with the --format flag.

Public Data

If you're only interested in seeing a list of critical projects with their criticality score, we publish them in csv format.

This data is available on Google Cloud Storage and can be downloaded via the gsutil command-line tool or the web browser here.

NOTE: Currently, these lists are derived from projects hosted on GitHub ONLY. We do plan to expand them in near future to account for projects hosted on other source control systems.

$ gsutil ls gs://ossf-criticality-score/*.csv
gs://ossf-criticality-score/c_top_200.csv
gs://ossf-criticality-score/cplusplus_top_200.csv
gs://ossf-criticality-score/csharp_top_200.csv
gs://ossf-criticality-score/go_top_200.csv
gs://ossf-criticality-score/java_top_200.csv
gs://ossf-criticality-score/js_top_200.csv
gs://ossf-criticality-score/php_top_200.csv
gs://ossf-criticality-score/python_top_200.csv
gs://ossf-criticality-score/ruby_top_200.csv
gs://ossf-criticality-score/rust_top_200.csv
gs://ossf-criticality-score/shell_top_200.csv

This data is generated using this generator script. For example, to generate a list of top 200 C language projects, run:

$ pip3 install python-gitlab PyGithub
$ python3 -u -m criticality_score.generate \
    --language c --count 200 --sample-size 5000 --output-dir output

We have also aggregated the results over 100K repositories in GitHub (language-independent) and are available for download here.

Contributing

If you want to get involved or have ideas you'd like to chat about, we discuss this project in the Securing Critical Projects WG meetings.

See the Community Calendar for the schedule and meeting invitations.

See the Contributing documentation for guidance on how to contribute.

Comments
  • GeoTools not showing in top 200 for java projects, run criticality score on larger sample set

    GeoTools not showing in top 200 for java projects, run criticality score on larger sample set

    I looked at the top 200 Java projects, out of curiosity, to see if any of the projects I'm working on, like GeoTools, is included in the list. It was not, which is not an issue per se, but then I've computed the criticality score from command line, getting this:

    criticality_score --repo "https://github.com/geotools/geotools"
    name: geotools
    url: https://github.com/geotools/geotools
    language: Java
    created_since: 111
    updated_since: 0
    contributor_count: 315
    org_count: 6
    commit_frequency: 9.7
    recent_releases_count: 16
    closed_issues_count: 150
    updated_issues_count: 161
    comment_frequency: 1.0
    dependents_count: 337
    criticality_score: 0.66477
    

    The score alone would place the project at around position 100 of the top 200 projects. Since it's a no show, I'm wondering if there is any other criteria used to include/exclude projects, besides the pure score?

    opened by aaime 12
  • Use project first commit date for created_since, instead of github project creation date

    Use project first commit date for created_since, instead of github project creation date

    For many projects the github creation date might not match the project creation date.

    Would it be better to look at the date of the oldest commit in the repository?

    For example, for OpenSSL the computed creation_since value is 95 months, as the date of creation of a github mirror (2013-01-15T22:34:48Z), but the project is almost 22 years old (the first commit in the master branch dates back to 1998-12-21T10:52:45+00:00)!

    The cap for the field is 10 years anyway, so it's not that bad, but still it is one parameter in the equation that might be adjusted.

    Edit: this also affects other fields (e.g. recent_releases) when they are computed based on estimates based on the time since creation.

    Thoughts?

    priority 
    opened by romen 7
  • What is dependents_count parameter, looks suspect ?

    What is dependents_count parameter, looks suspect ?

    I asked for the criticality info on several projects in my industry's ecosystem, and the dependents_count really confuses me and makes me suspicious about how it's computed. Some of the projects I checked are hard dependencies of others, so if transitive dependencies are being properly tracked, the former should always have higher dependents_count than the latter, no? But this is not the case.

    One project that I run is very specialized and is of no use to casual small projects, only making sense as an embedded component of a large open source or commercial app. So while certainly very important in my industry and having a large number of end users touch those things in which it is embedded, I expect it to have a tiny number of directly downstream projects. Yet it has an absurdly, implausibly high dependents_count. Other projects I checked on that I know are directly used by orders of magnitude more projects, have implausibly low dependents_count.

    Is there some kind of verbose mode that prints details that would give us more information about how these scores are computed? Like, more insight into why it thinks a project has few or many dependent projects?

    I should mention that these are C++ projects, so perhaps the means by which dependencies are tracked is very flawed compared to a python (say) which may have a requirements.txt. How is it computed for C++? Has anybody considered promoting a GitHub convention of having a particularly named file serve as a manifest for what other projects a code base is dependent on? (Informationally only, since no C++ build system cares about such things.)

    question+answer 
    opened by lgritz 6
  • Maven and Gradle not in the Top 2000 java list

    Maven and Gradle not in the Top 2000 java list

    Hi,

    I just saw that the Maven and Gradle projects are less important that 2000 java projects where they are used in as a build tool. Maybe due to the fact that they:

    • are not a declared dependency
    • https://github.com/ossf/criticality_score/issues/14
    • https://github.com/ossf/criticality_score/issues/23
    • external issue tracker
    • All the parts (pluggable, not a dependency!) are split into many repositories
    • Mosten downloaded via maven.org, sdkman, package systems, etc

    Probably the same for other languages and build-tools, but haven’t checked.

    opened by bmarwell 6
  • Installation does not work as described in README

    Installation does not work as described in README

    I get:

    $ pip3 install criticality-score
    Collecting criticality-score
      Could not find a version that satisfies the requirement criticality-score (from versions: )
    No matching distribution found for criticality-score
    
    opened by sschuberth 6
  • Add Watchers/Description Metrics

    Add Watchers/Description Metrics

    I wanted to submit a suggestion to include GitHub Watchers (to help assess popularity) and the GitHub Description (to clarify the project's overall goal). I am currently helping contribute to OSSF's Security Metrics project, in which we are retrieving several of the GitHub metrics covered in this project (but also need to analyze the two mentioned above to help with our overall security assessment). If these can be included via the pull request I have submitted that would be extremely helpful. Thank you!

    opened by dilanbhalla 5
  • Handle empty repo case

    Handle empty repo case

    When I was running the script, I bumped into these repos that they fall into the filter due to high number of stars but they're actually empty and the script throws an exception: https://github.com/fossasia/libregraphics.asia https://github.com/libredesktop/libredesktop-events https://github.com/libredesktop/libredesktop-project-list https://github.com/libredesktop/LibreDesktop-Specs https://github.com/meilix/arch-meilix https://github.com/meilix/deb-meilix https://github.com/meilix/meilix-addons https://github.com/meilix/meilix-art https://github.com/meilix/meilix-connect https://github.com/meilix/meilix-web https://github.com/susiai/susi_partners https://github.com/susiai/susi_sdk https://github.com/ascoders/blog https://github.com/bigdongdongCLUB/newGCP https://github.com/koush/support-wiki https://github.com/mariobehling/ai-packages https://github.com/mariobehling/mb-sandbox https://github.com/meilix/meilix-docs https://github.com/paulirish/devtools-addons https://github.com/QingDaoIT/BlackList https://github.com/zhengzhouqiuzhi/zhengzhouqiuzhi

    To handle it, for GitLab, checking the commits length was enough:

    if len(repo.commits.list()) == 0:
    

    For GitHub, I couldn't find any proper way to understand whether the repo is empty. When we call "get_commits().totalCount", it already throws an exception. What I did is to force it to throw the exception by assigning "totalCount" to an unused variable (I could do it by printing the value as well?). Not an ideal solution, so let me know what you think.

    try:
    	repo = get_github_auth_token().get_repo(repo_url)
    	# Validate whether repo is empty; if it's empty, calling totalCount throws a 409 exception
    	total_commits = repo.get_commits().totalCount
    except github.GithubException as exp:
    	if exp.status == 404 or exp.status == 409:
    		return None
    return GitHubRepository(repo)
    

    Another remark is that we're spending one more request from our rate limit when calling "get_commits()" to make this validation. I only tested this for GitHub, but I'm assuming it's the same for GitLab as well.

    Alternatively, we can make all these calls before initializing the repo, do the validations, and pass them to repo object as arguments? This would also help us reducing the number of call to the API, but making these changes would take some time.

    To be able to test my changes, I created empty repos on both GitHub & GitLab btw: https://github.com/coni2k/empty-repo https://gitlab.com/coni2k/empty-repo

    Last, I also added this bit to "generate" script. Otherwise it fails when there are no processed repos:

    if len(stats) == 0:
        return
    
    opened by coni2k 5
  • Adds repolist command line parameter

    Adds repolist command line parameter

    The new --repolist parameter takes the name of a file containing a list of repositories to score.

    usage: run.py [-h] (--repo REPO | --repolist REPOLIST | --local-file L_FILE) [--format {default,csv,json}] [--params PARAMS [PARAMS ...]]

    Gives criticality score for an open source project or a list of projects.

    optional arguments: -h, --help show this help message and exit --repo REPO repository url --repolist REPOLIST listfile of repository urls --local-file L_FILE path of a local csv file with repo stats --format {default,csv,json} output format. allowed values are [default, csv, json] --params PARAMS [PARAMS ...] Additional parameters in form ::<max_threshold>

    This at least partially addresses Issue #97

    Signed-off-by: Arnaud J Le Hors [email protected]

    opened by lehors 4
  • why apache/spark isn't in Java top 200 public data?

    why apache/spark isn't in Java top 200 public data?

    Spark has much higher score than ElasticSearch and Beam, Spark is missing but ElasticSearch and Beam are there, why?

    apache/spark:

    $ criticality_score --repo github.com/apache/spark
    name: spark
    url: https://github.com/apache/spark
    language: Scala
    created_since: 83
    updated_since: 0
    contributor_count: 2374
    org_count: 4
    commit_frequency: 53.8
    recent_releases_count: 20
    closed_issues_count: 1252
    updated_issues_count: 1456
    comment_frequency: 12.1
    dependents_count: 396346
    criticality_score: 0.96476
    

    elastic/elasticsearch:

    $ criticality_score --repo github.com/elastic/elasticsearch
    name: elasticsearch
    url: https://github.com/elastic/elasticsearch
    language: Java
    created_since: 132
    updated_since: 0
    contributor_count: 1709
    org_count: 3
    commit_frequency: 127.1
    recent_releases_count: 21
    closed_issues_count: 7966
    updated_issues_count: 9234
    comment_frequency: 1.0
    dependents_count: 95320
    criticality_score: 0.88175
    

    apache/beam:

    $ criticality_score --repo github.com/apache/beam
    name: beam
    url: https://github.com/apache/beam
    language: Java
    created_since: 59
    updated_since: 0
    contributor_count: 980
    org_count: 7
    commit_frequency: 67.1
    recent_releases_count: 7
    closed_issues_count: 725
    updated_issues_count: 826
    comment_frequency: 4.3
    dependents_count: 11397
    criticality_score: 0.8319
    
    opened by Dieken 4
  • How are the top 200 lists computed?

    How are the top 200 lists computed?

    I am directly responsible for two open source projects. I was shocked to see that one is on your "top 200" list of C++ projects. The other project has been around longer, has more contributors, more PRs, surely has an order of magnitude more downstream users, and in fact has a much higher criticality score. But it's not on the list. I can't quite figure out what the top 200 would be measuring (I would think the 200 projects with the very highest criticality score itself? But apparently not?) for the first project to show up on the list but not the other.

    Can you give any insight about WHAT is being ranked in your "top" lists?

    opened by lgritz 4
  • Language implementation is less critical than language project generator, create list for TypeScript projects inside JS list.

    Language implementation is less critical than language project generator, create list for TypeScript projects inside JS list.

    tsdx, a TypeScript project generator, appears in the top 200 list for JavaScript packages; however, TypeScript itself does not. That seems somewhat counterintuitive.

    opened by DanielRosenwasser 4
  • Bump cloud.google.com/go/bigquery from 1.43.0 to 1.45.0

    Bump cloud.google.com/go/bigquery from 1.43.0 to 1.45.0

    Bumps cloud.google.com/go/bigquery from 1.43.0 to 1.45.0.

    Release notes

    Sourced from cloud.google.com/go/bigquery's releases.

    bigquery: v1.45.0

    1.45.0 (2023-01-05)

    Features

    • bigquery/datapolicies: Start generating apiv1 (#7204) (fd71cba)
    • bigquery/datatransfer: Add location methods (06a54a1)
    • bigquery: Add REST client (06a54a1)
    • bigquery: Rewrite signatures and type in terms of new location (620e6d8)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 0
  • Bump actions/checkout from 3.1.0 to 3.3.0

    Bump actions/checkout from 3.1.0 to 3.3.0

    Bumps actions/checkout from 3.1.0 to 3.3.0.

    Release notes

    Sourced from actions/checkout's releases.

    v3.3.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.2.0...v3.3.0

    v3.2.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.1.0...v3.2.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump google.golang.org/api from 0.102.0 to 0.106.0

    Bump google.golang.org/api from 0.102.0 to 0.106.0

    Bumps google.golang.org/api from 0.102.0 to 0.106.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.106.0

    0.106.0 (2023-01-04)

    Features

    • all: Auto-regenerate discovery clients (#1784) (a7f08e2)
    • all: Auto-regenerate discovery clients (#1788) (9fb35f5)
    • all: Auto-regenerate discovery clients (#1790) (7bd17b3)
    • all: Auto-regenerate discovery clients (#1794) (3944e86)
    • idtoken: Add support for impersonated_service_account creds type (#1792) (f6dec99), refs #873
    • option/internaloption: Add new EmbeddableAdapter option (#1787) (1569e5b)

    Bug Fixes

    • idtoken: Configure validator constructor to use no authentication (#1789) (b35900a), refs #1682

    v0.105.0

    0.105.0 (2022-12-14)

    Features

    • all: Auto-regenerate discovery clients (#1773) (37a2e41)
    • all: Auto-regenerate discovery clients (#1777) (5b02761)
    • googleapi: Add response headers to Error reported by CheckMediaResponse (#1781) (e4271df)
    • Support set null map entries for non-simple map values (#1782) (c58bf4c)

    v0.104.0

    0.104.0 (2022-12-07)

    Features

    Bug Fixes

    • idtoken: Increase MaxIdleConnsPerHost to 100 in NewClient (#1754) (629e217), refs #1744

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.106.0 (2023-01-04)

    Features

    • all: Auto-regenerate discovery clients (#1784) (a7f08e2)
    • all: Auto-regenerate discovery clients (#1788) (9fb35f5)
    • all: Auto-regenerate discovery clients (#1790) (7bd17b3)
    • all: Auto-regenerate discovery clients (#1794) (3944e86)
    • idtoken: Add support for impersonated_service_account creds type (#1792) (f6dec99), refs #873
    • option/internaloption: Add new EmbeddableAdapter option (#1787) (1569e5b)

    Bug Fixes

    • idtoken: Configure validator constructor to use no authentication (#1789) (b35900a), refs #1682

    0.105.0 (2022-12-14)

    Features

    • all: Auto-regenerate discovery clients (#1773) (37a2e41)
    • all: Auto-regenerate discovery clients (#1777) (5b02761)
    • googleapi: Add response headers to Error reported by CheckMediaResponse (#1781) (e4271df)
    • Support set null map entries for non-simple map values (#1782) (c58bf4c)

    0.104.0 (2022-12-07)

    Features

    Bug Fixes

    • idtoken: Increase MaxIdleConnsPerHost to 100 in NewClient (#1754) (629e217), refs #1744
    • transport/grpc: Separate resolution of creds and certs (#1759) (c213153)

    ... (truncated)

    Commits
    • ac7eb8f chore(main): release 0.106.0 (#1786)
    • 3944e86 feat(all): auto-regenerate discovery clients (#1794)
    • f6dec99 feat(idtoken): add support for impersonated_service_account creds type (#1792)
    • ddb5c65 test: add buffer to both sides of token expiry validation (#1797)
    • b35900a fix(idtoken): configure validator constructor to use no authentication (#1789)
    • ca86833 chore(all): update all (#1796)
    • a6b0739 chore: skip generating integrations:v1 as it fails generation (#1793)
    • 7bd17b3 feat(all): auto-regenerate discovery clients (#1790)
    • 9fb35f5 feat(all): auto-regenerate discovery clients (#1788)
    • 1569e5b feat(option/internaloption): add new EmbeddableAdapter option (#1787)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 0
  • Fixed issue GO-2022-1144

    Fixed issue GO-2022-1144

    • Fixed issue https://deps.dev/advisory/osv/GO-2022-1144

    https://deps.dev/go/github.com%2Fossf%2Fcriticality_score

    image

    Signed-off-by: nathannaveen [email protected]

    opened by nathannaveen 0
  • Publish Docker Images to ghcr.io

    Publish Docker Images to ghcr.io

    • Published the docker images to ghcr.io
    • Here is an example: https://github.com/nathannaveen?tab=packages&repo_name=criticality_score, https://github.com/nathannaveen/criticality_score/actions/runs/3810049085
    • After https://github.com/ossf/criticality_score/pull/293 gets merged in, I will include docker images for scorer.

    Signed-off-by: nathannaveen [email protected]

    opened by nathannaveen 0
Releases(v1.0.7)
Owner
Open Source Security Foundation (OpenSSF)
Open Source Security Foundation (OpenSSF)
Script to check if your Bistromatic handle everything as it should.

Bistromatic Checker Script to check if your Bistromatic handle everything as it should. The bistromatic is the project marking the end of the CPool at

Mathias 1 Dec 27, 2021
Empresas do Brasil (CNPJs)

Biblioteca em Python que coleta informações cadastrais de empresas do Brasil (CNPJ) obtidas de fontes oficiais (Receita Federal) e exporta para um formato legível por humanos (CSV ou JSON).

BR-API: Democratizando dados do Brasil. 8 Aug 17, 2022
Learning a Little about Containerlab

Learning a Little about Containerlab Hello all. This is the respository based on this blog post. Getting Started Feel free to use this example. You wi

10 Oct 16, 2022
Binary++ is an esoteric programming language based on* binary

Binary++ is an esoteric programming language based on* binary. * It's meant to be based on binary, but you can write Binary++ code using different mea

Supercolbat 3 Feb 18, 2022
Devil - Very Semple Auto Filter V1 Bot

Devil Very Semple Auto Filter V1 Bot

2 Jun 27, 2022
Robotic hamster to give you financial advice

hampp Robotic hamster to give you financial advice. I am not liable for any advice that the hamster gives. Follow at your own peril. Description Hampp

1 Nov 17, 2021
Pacman - A suite of tools for manipulating debian packages

Overview Repository is a suite of tools for manipulating debian packages. At a h

Pardis Pashakhanloo 1 Feb 24, 2022
A script that convert WiiU BotW mods to Switch

UltimateBoTWConverter A script that convert WiiU BotW mods to Switch. It uses every resource I could find under the sun that allows for conversion, wi

11 Nov 08, 2022
A wrapper for the apt package manager.

A wrapper for the apt package manager.

531 Jan 04, 2023
Experimental Brawl Stars v36.218 server emulator written in Python.

Brawl Stars v36 Experimental Brawl Stars v36.218 server emulator written in Python. Requirements: Python 3.7 or higher colorama Running the server In

8 Oct 31, 2021
Aoc 2021 kedro playground with python

AOC 2021 Overview This is your new Kedro project, which was generated using Kedro 0.17.5. Take a look at the Kedro documentation to get started. Rules

1 Dec 20, 2021
🤞 Website-Survival-Detection

- 🤞 Website-Survival-Detection It can help you to detect the survival status of the website in batches and return the status code! - 📜 Instructions

B0kd1 4 Nov 14, 2022
Types for the Rasterio package

types-rasterio Types for the rasterio package A work in progress Install Not yet published to PyPI pip install types-rasterio These type definitions

Kyle Barron 7 Sep 10, 2021
Dotfiles & list of programs

dotfiles & list of programs So I wanted to just backup my most used files. I have a bad habit, sometimes I get tired of a distro and do a wipe and sta

2 Sep 04, 2022
Helps compare between New and Old Tax Regime.

Income-Tax-Calculator Helps compare between New and Old Tax Regime. Sample Console Input/Output

2 Jan 10, 2022
A very small (15 lines of code) and beautiful fetch script (exclusively for Arch Linux).

minifetch A very small (15 lines of code) and beautiful fetch script (exclusively for Arch Linux). There are many fetch scripts out there but I wanted

16 Jul 11, 2022
Library for RadiaCode-101

RadiaCode Библиотека для работы с дозиметром RadiaCode-101, находится в разработке - API не стабилен и возможны изменения. Пример использования (backe

Maxim Andreev 56 Nov 29, 2022
A calculator developed in Python.

Calculadora Uma simples calculadora... ( + − × ÷ ) 💻 Situação do projeto: Projeto finalizado ✔️ 🛠 Tecnologias: Python Tkinter (GUI) ⚙️ Pré-requisito

Arthur V.B.S. 1 Jan 27, 2022
A comprensive software collection for nmea manipulation

nmeatoolkit A comprensive software collection for nmea manipulation; it includes a library and a collections of command line tools. Library pipes: con

Davide Gessa 1 Sep 14, 2022
An application for automation of the mining function in the game Alienworlds.IO

alienautomation A Python script made to automate the tidious job of mining on AlienWorlds This script: Automatically opens the browser Automatically l

anonieXdev 42 Dec 03, 2022