Google Comes Up With A Metric For Gauging Critical Open-Source Projects

Written by Michael Larabel in Google on 10 December 2020 at 12:53 PM EST. 17 Comments
GOOGLE
Google as part of their involvement in the Open-Source Security Foundation (OpenSSF) has devised the "Criticality Score" as a means of judging crucial open-source projects.

In order for being able to determine projects in need of support for funding or development assistance, Google with the other OpenSSF parties came up with the "Criticality Score" as a 0 to 1 metric for indicating a project's criticalness.

The Criticality Score is calculated based on the age of the project, the last time it was updated, the number of contributors to the project, the number of organizations that contributors belong to, the commit frequency, the releases over the past year, the number of updated and closed issues in the last 90 days, the comment frequency, and the number of project mentions in the commit messages.


According to their automated scoring, the top ten C-based projects rated by the Cruciality Score include Git, the Linux kernel (actually in spots 2 and 3, with the 2nd place spot coming ahead of mainline Linux being the Raspberry Pi Linux kernel), PHP, OpenSSl, systemd, Curl, U-Boot, QEMU, and Mbed-OS.

Their ten most critical C++ projects include Tensorflow, Ceph, PyTorch, Bitcoin, Electron, Marlin, Cataclysm-DDA, LLVM, RocksDB, and QGIS.

Meanwhile for Java projects the top 10 includes ElasticSearch, Flink, Spring-Boot, Hadoop, Netty, Jenkins, Beam, Bazel, Alluxio, and PMD.

Google announced the Criticality Score today and for those wanting to learn more about the Criticality Score or even try it out on arbitrary Git repositories can find out more via ossf/criticality_core on GitHub.
17 Comments
Related News
Google Announces Axion ARM-Based CPUs For The Cloud
Google's Jpegli Offers ~35% Compression Improvement For High Quality JPEGs
Google Making $1M USD Investment To Improve Rust & C++ Interoperability
Chrome 121 Adds New CSS & WebGPU Features
The Mainline Linux Kernel To Finally Support The Google Tensor GS101 SoC & Pixel 6
Chrome 120 Released With Theora Support Evaporating, Adds WebGPU & CSS Improvements
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
Fedora Linux 40 Cleared For Release Next Week
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Ubuntu 24.04 Supports Easy Installation Of OpenZFS Root File-System With Encryption
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"