Adopt OpenSSF Scorecards #25

@achrinza

OpenSSF Scorecards is software that attempts to grade a project's Git repository based on a number of checks. This information would be useful to the maintainers to identify areas that need remediation, and for LoopBack users to evaluate the security posture of the project against an industry-recognised checklist.

There is ongoing discussion for exporting in-toto file format, which can be helpful in supplementing SLSA provenance: ossf/scorecard#3352

See: https://github.com/ossf/scorecard

Status: Icebox
