Over the past week, my team and I have dedicated our time to researching and selecting an open source project that aligns with our goals and experience level. We aimed to contribute to a project that is not only active and responsive but also beginner-friendly. After exploring several options—including the Open Cybersecurity Alliance, OSSF Alpha-Omega, OSSF Scorecard, and the OSSF Scorecard Webapp—we ultimately decided to move forward with the OSSF Scorecard project, following in the footsteps of previous cohorts.

After completing our project setup—which included installing the development environment and reviewing the documentation on how to get started—we began exploring beginner-friendly issues we could tackle as a team. We identified two issues: one related to documentation and the other involving code. We decided to start with the documentation issue, which had previously been attempted by the cohort before us, giving us a useful point of reference. Our task involved updating the CI-Test documentation to clarify that the check only considers and rewards repositories that successfully pass. We submitted a pull request with our changes and are currently awaiting review from a maintainer.

I believe the next best issue for my team to tackle is the one involving code. Taking on a coding issue would be a great way to challenge ourselves and start thinking like real developers and open source contributors. While we know it won’t be easy, I’m confident that, as a team, we have the skills and determination to work through it and learn a lot in the process.