Feb 21, 2023
A major advantage of open-source projects is the opportunity for the community to use the project, to take part in and support it and to keep it up to date. Unfortunately, there is also a downside to that. A lot of projects fail to gain the interest of the community or are abandoned somewhere along the line, especially if there is no company or institution which depends on that project and thus has an interest in keeping it working.
You can probably imagine that it is impossible to keep track of which library is still maintained and up to date – at least manually. This is where the Critical Open-Source Software Database (CrOSSD) comes in. We want to create a website that provides information on whether a project is “healthy” or not, and will also provide tools for use in automated build processes and CI/CD. Although some other projects already provide quantitative data about the health of open-source projects, we want to step up the game. Quantitative information is not enough to determine the health of a project, as qualitative factors such as funding or the backing of a company can be vital as well. Therefore, we will start off this project by collecting and defining those metrics as well as a way to retrieve the required data.
Let’s make our idea clearer by taking a look at our concept graph:
Our idea is rather simple. We collect quantitative data from code repositories and other public sources, mix in data about qualitative factors and analyze it using our metrics. We store the results in our database, update them regularly and provide them via a web interface. We will also provide tools for integration in CI/CD processes, IDEs, etc.
Our main focus during the initial project phase supported by netidee will lie on the two most vital aspects of our project:
Our results will be shared via this blog, so stay tuned!