This landscape is intended as a map to explore the OpenSSF Ecosystem, and also shows the member companies of the Open Source Security Foundation. It is modeled after the Cloud Native Computing Foundation (CNCF) landscape and based on the same open-source code.
This repository contains the data files and images required to generate the OpenSSF landscape. The software that generates it can be found at the cncf/landscape2 repository. Please see its README file for more information about how it works.
The requirements for adding new entries for open source projects in the visual and special effects industries is as follows:
- Projects must be open source and hosted on or mirrored to GitHub.
- Projects with at least 300 GitHub stars that clearly fit in an existing category are generally included. Put the project in the single category where it best fits.
- Projects that clearly fit in an existing category are generally included. Put the project in the single category where it best fits. We are unlikely to create a new category for projects as we'd rather find the best home with the current options.
- Projects a logo and the logo needs to include the name.
If you think your project should be included, please open a pull request to add it to landscape.yml. For the logo, upload an SVG to the hosted_logos directory.
Please open a pull request with edits to landscape.yml.
If the error is with data from Crunchbase you should open an account there and edit the data. If you don't like a project description, edit it in GitHub. If your project isn't showing the license correctly, you may need to paste the unmodified text of the license into a LICENSE file at the root of your project in GitHub, in order for GitHub to serve the license information correctly.
OpenSSF Member data in this repository ( which in the landscape.yml file is under OpenSSF Members ) is built nightly using the LFX Landscape Tools. Any changes made directly in the data files in this repository for OpenSSF Members will be overwritten.
- For member entries, you can make these changes in LFX Organization Dashboard.
If you cannot access the above resources, please create a helpdesk ticket to request those changes.
You can build the landscape locally on your machine using the landscape2 tool. Once installed, you can use the commands below to build the landscape and serve it locally.
landscape2 build --data-file landscape.yml --settings-url https://raw.githubusercontent.com/cncf/landscape2-sites/refs/heads/main/openssf/settings.yml --logos-path hosted_logos --output-dir build --guide-url https://raw.githubusercontent.com/cncf/landscape2-sites/refs/heads/main/openssf/guide.yml
landscape2 serve --landscape-dir buildThe generated landscape contains data received from Crunchbase. This data is not licensed pursuant to the Apache License, Version 2.0. It is subject to Crunchbase’s Data Access Terms, available at https://data.crunchbase.com/docs/terms, and is only permitted to be used with OpenSSF landscape projects.
Everything else is under the Apache License, Version 2.0, except for projects and products logos, which are generally copyrighted by the company that created them, and are simply cached here for reliability. The generated landscape and the landscape.yml file are alternatively available under the Creative Commons Attribution 4.0 license.