In-Q-Tel built an open source software 'nutrition label'

By GovFresh · January 26, 2022

In-Q-Tel built a “nutrition label” prototype that gives developers insight into the health of open source software packages.

In-Q-Tel asks:

If software developers and software program managers had access to information about the health and security of specific open source software packages – like shoppers in a grocery store looking at food nutrition labels – would they be empowered to make better choices about which software packages to use?

For context, In-Q-Tel created a nutrition label for FakeFinder, an open source tool that analyzes whether a video contains deepfakes.

Indicators used for the label include package totals for contributors, maintainers, dependencies and versions, as well as license type, funding resources, package health scores and days since last release.

Code for the OSS nutrition label is available at the GitHub repository.
