A unified metadata aggregation system for OWASP projects and chapters. This project aims to unify and standardize data across the OWASP repository ecosystem without requiring major changes to existing repositories, by leveraging the existing Jekyll front matter in index.md files.
Explore the interactive web interface with:
- π Metadata Explorer - Browse and search all OWASP repositories
- π Analytics Dashboard - Visualize metadata coverage and trends
- πΊοΈ Project Wayfinder - Visual overview by type and maturity
- π SDLC Integration Chart - OWASP projects mapped to Software Development Lifecycle phases
The primary goal of this project is to:
- Aggregate Metadata: Collect and standardize metadata from OWASP repositories that use Jekyll-based
index.mdfiles with YAML front matter - Enable Discovery: Power the OWASP Slack bot to guide new users toward projects they would be interested in based on their skills, interests, and location
- Provide Insights: Offer analytics and visualizations on metadata coverage across the OWASP ecosystem
OWASP repositories typically include an index.md file with Jekyll front matter containing metadata such as:
---
title: Project Name
layout: col-sidebar
tags: security, web, tools
level: 3
type: tool
region: Global
pitch: A brief description of the project
---This project:
- Scrapes all OWASP organization repositories via the GitHub API
- Extracts YAML front matter from each repository's
index.mdfile - Normalizes the data into consistent formats (CSV, JSON)
- Visualizes the data through a web-based explorer and analytics dashboard
The scraper generates several data files in the data/ directory:
| File | Description |
|---|---|
metadata.json |
Complete metadata for all repositories in JSON format |
metadata.csv |
Full metadata in CSV format |
metadata_matrix.json |
Matrix showing which fields are present per repository |
metadata_matrix.csv |
Matrix in CSV format |
metadata_summary.md |
Summary of field usage across all repositories |
metadata_checklist.csv |
Checklist format for tracking metadata completeness |
The project includes multiple interactive web interfaces:
| Interface | Description | Link |
|---|---|---|
| Metadata Explorer | Interactive table for browsing, filtering, and searching repository metadata | View β |
| Analytics Dashboard | Visual analytics showing field usage, completeness rates, and trends | View β |
| Project Wayfinder | Visual diagram showing projects grouped by type and maturity level | View β |
| SDLC Integration Chart | Mermaid-based diagram mapping OWASP projects to SDLC phases | View β |
- π Dark/Light Theme Toggle - Switch between themes for comfortable viewing
- π Advanced Filtering - Filter by project type, maturity level, and metadata fields
- π₯ Export Functionality - Download data as CSV or diagrams as SVG
- π± Responsive Design - Works on desktop and mobile devices
- β‘ Real-time Updates - Data refreshes weekly via GitHub Actions
The standardized metadata from this project will be consumed by the OWASP Slack bot to:
- Help new contributors find projects matching their skills and interests
- Recommend relevant chapters based on user location
- Provide quick access to project information and resources
- Guide users to projects based on tags, type, and activity level
βββ scripts/
β βββ scrape_metadata.py # Main scraper script
βββ data/ # Generated metadata files
βββ index.html # Metadata explorer UI
βββ charts.html # Analytics dashboard
βββ diagram.html # Project Wayfinder diagram
βββ mermaid-diagram.html # SDLC integration diagram
βββ app.js # Explorer application logic
βββ charts.js # Analytics charts logic
βββ diagram.js # Project Wayfinder logic
βββ mermaid-diagram.js # SDLC diagram logic
βββ mermaid.min.js # Mermaid library for diagrams
βββ styles.css # Shared styles
βββ charts.css # Analytics-specific styles
# Set up environment
pip install -r requirements.txt
# Set GitHub token (optional, but recommended for higher rate limits)
export GITHUB_TOKEN=your_token_here
# Run the scraper
python scripts/scrape_metadata.pyVisit the Live Dashboard to explore the metadata interactively, or run locally by opening index.html in a browser.
For analytics and visualizations, visit the Analytics Dashboard.
To see how OWASP projects map to the Software Development Lifecycle, check out the SDLC Integration Chart.
Contributions are welcome! This project helps improve metadata consistency across OWASP repositories. If you notice missing or inconsistent metadata in OWASP projects, consider contributing to those repositories by adding or updating their index.md front matter.
- Fork this repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is part of the OWASP Foundation's open source initiatives and is licensed under the Apache License 2.0.
Made with β€οΈ by the OWASP BLT Project