mitre/heimdall2

0

/ 100

Documentation86
Engineering68
Health92
HTML253Other1d ago
Grade a repo

Good shape overall. A few tweaks would push it into the top tier.

Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.

Documentation

86

Contributing guide5pt30

Contributing guidance is in the README, not a dedicated CONTRIBUTING.md (−20 pts).

Moving it to a CONTRIBUTING.md makes it easier to find and keeps the README focused. A dedicated file earns +47 pts base.

Install and run instructions9pt90

README documents how to install the project.

README12pt100

README is present.

License6pt100

Licensed under Other.

Engineering

68

Tests18pt35

Test files detected (apps/backend/src/casl/casl-ability.factory.spec.ts).

CI/CD14pt72

CI is configured (.github/workflows/build-prod.yml).

Linting and formatting5pt100

Linter or formatter configured (eslint.config.mjs).

Reproducibility6pt100

Lockfile present (yarn.lock). Installs are reproducible.

Issue and PR templates6pt100

Issue or PR templates present.

Project health

92

Dependency manifest6pt75

Dependency manifest found (package.json).

Repository metadata5pt100

Repository has a description.

Activity5pt100

Actively maintained (pushed within the last month).

Housekeeping3pt100

.gitignore present.

Repository health signals

Activity, community, and responsiveness at scan time

Activity

  • Commits (30d / 90d)
  • 77
    Forks
  • 131
    Releaseslatest 5y ago

Community

  • Community health
  • authors own >50% of commits
  • 253
    Watchers

Responsiveness

  • 452d 7h
    Median issue response
  • 2d 16h
    Median PR merge time
  • 326
    Open issues
Repository files36 root entries
  • .github
    Good: CI is configured (.github/workflows/build-prod.yml).
    Good: Dependabot covers 2 ecosystems (bundler, npm). Dependencies stay current.
    Good: Issue or PR templates present.
  • .vscode
  • apps
    Good: Test files detected (apps/backend/src/casl/casl-ability.factory.spec.ts).
  • certs
  • libs
  • nginx
  • test
  • .dockerignore
  • .gitignore
    Good: .gitignore present.
  • .nvmrc
  • .slugignore
  • app.json
  • CHANGELOG
  • cmd.sh
  • CODE_OF_CONDUCT.md
    Good: Code of conduct present.
  • cypress.config.ts
  • docker-bake.hcl
  • docker-compose.yml
  • Dockerfile
    Good: Environment pinned via Dockerfile.
  • Dockerfile.lite
  • eslint.config.mjs
    Good: Linter or formatter configured (eslint.config.mjs).
  • heimdall2.code-workspace
  • lerna.json
  • LICENSE.md
    Good: Licensed under Other.
  • manifest.yml.example
  • package.json
    Good: Dependency manifest found (package.json).
  • postcss.config.js
  • Procfile
  • README.md
    Good: README is present.
    Good: README is well structured with multiple sections.
    Good: README includes screenshots or visuals. Great for first impressions.
    Good: README has code examples.
    Good: README links to a live demo or deployed app.
    Good: README includes status badges.
    Good: README documents how to install the project.
    Good: README documents how to run the project.
  • setup-dev-env.ps1
  • setup-dev-env.sh
  • setup-docker-env.ps1
  • setup-docker-env.sh
  • tsconfig.json
  • VERSION
  • yarn.lock
    Good: Lockfile present (yarn.lock). Installs are reproducible.