OpenSSF Glossary

The OpenSSF Glossary aims to make the open source security space easier to understand, not only for technologists but also for people on the business side. To achieve that, we focus on simplicity (e.g., simple language free from buzzwords, examples anyone using technology can relate to, and no unnecessary details). The Glossary is a project led by the OpenSSF Best Practices for Software Developers Working Group.

Contributing

Everybody is invited to suggest changes, additions, and improvements to the OpenSSF Glossary. We employ a community-driven process governed by the OpenSSF to develop and improve upon this shared lexicon. This Glossary provides a vendor-neutral platform to organize a shared vocabulary around open source software security. Contributions are welcome from all participants who abide by the project’s purpose and charter.

Anyone wishing to contribute may submit a GitHub issue or create a pull request. Please ensure you follow the Style Guide and read the How To Contribute doc.

License

All code contributions are under the Apache 2.0 license. Documentation is distributed under CC BY 4.0.