blog/claude-code-agent-ops/01/scorecard-journey

scorecard-journey.svg

<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 800 320" font-family="system-ui, -apple-system, sans-serif">
  <defs>
    <linearGradient id="scoreGrad" x1="0%" y1="0%" x2="100%" y2="0%">
      <stop offset="0%" style="stop-color:#ee5a24"/>
      <stop offset="50%" style="stop-color:#fdcb6e"/>
      <stop offset="82%" style="stop-color:#00b894"/>
      <stop offset="100%" style="stop-color:#00b894"/>
    </linearGradient>
    <filter id="shadow" x="-2%" y="-2%" width="104%" height="108%">
      <feDropShadow dx="1" dy="2" stdDeviation="2" flood-opacity="0.08"/>
    </filter>
  </defs>

  <!-- Title -->
  <text x="400" y="28" text-anchor="middle" fill="#1a1a2e" font-size="20" font-weight="bold">OpenSSF Scorecard: 5.0 → 8.2 in One Week</text>
  <text x="400" y="48" text-anchor="middle" fill="#666" font-size="12">Roadmap to 10/10: github.com/kagenti/kagenti/issues/621</text>

  <!-- Score bar -->
  <rect x="50" y="68" width="700" height="28" rx="14" fill="#e8e8e8"/>
  <rect x="50" y="68" width="574" height="28" rx="14" fill="url(#scoreGrad)"/>

  <!-- Markers -->
  <line x1="400" y1="68" x2="400" y2="108" stroke="#999" stroke-width="1" stroke-dasharray="4"/>
  <text x="400" y="122" fill="#999" font-size="11" text-anchor="middle">5.0 (before)</text>

  <line x1="624" y1="68" x2="624" y2="108" stroke="#00b894" stroke-width="2"/>
  <text x="624" y="122" fill="#00b894" font-size="13" font-weight="bold" text-anchor="middle">8.2 (now)</text>

  <text x="750" y="88" fill="#aaa" font-size="12" text-anchor="middle">10</text>

  <!-- Done items -->
  <text x="50" y="155" fill="#1a1a2e" font-size="14" font-weight="bold">Completed:</text>

  <rect x="50" y="168" width="225" height="50" rx="8" fill="#f0faf5" stroke="#00b894" stroke-width="1" filter="url(#shadow)"/>
  <text x="65" y="190" fill="#00b894" font-size="12" font-weight="bold">Branch Protection</text>
  <text x="65" y="207" fill="#666" font-size="11">PRs, signed commits, no bypass</text>

  <rect x="290" y="168" width="225" height="50" rx="8" fill="#f0faf5" stroke="#00b894" stroke-width="1" filter="url(#shadow)"/>
  <text x="305" y="190" fill="#00b894" font-size="12" font-weight="bold">Dependency Pinning</text>
  <text x="305" y="207" fill="#666" font-size="11">SHA-pinned 37 GitHub Actions</text>

  <rect x="530" y="168" width="225" height="50" rx="8" fill="#f0faf5" stroke="#00b894" stroke-width="1" filter="url(#shadow)"/>
  <text x="545" y="190" fill="#00b894" font-size="12" font-weight="bold">SAST (CodeQL)</text>
  <text x="545" y="207" fill="#666" font-size="11">JS + Python analysis</text>

  <!-- Planned items -->
  <text x="50" y="248" fill="#1a1a2e" font-size="14" font-weight="bold">Planned (→ 10/10):</text>

  <rect x="50" y="261" width="225" height="50" rx="8" fill="#faf5ff" stroke="#8854d0" stroke-width="1" filter="url(#shadow)"/>
  <text x="65" y="283" fill="#8854d0" font-size="12" font-weight="bold">CII Best Practices</text>
  <text x="65" y="300" fill="#666" font-size="11">Register + questionnaire</text>

  <rect x="290" y="261" width="225" height="50" rx="8" fill="#faf5ff" stroke="#8854d0" stroke-width="1" filter="url(#shadow)"/>
  <text x="305" y="283" fill="#8854d0" font-size="12" font-weight="bold">Fuzzing</text>
  <text x="305" y="300" fill="#666" font-size="11">OSS-Fuzz registration</text>

  <rect x="530" y="261" width="225" height="50" rx="8" fill="#faf5ff" stroke="#8854d0" stroke-width="1" filter="url(#shadow)"/>
  <text x="545" y="283" fill="#8854d0" font-size="12" font-weight="bold">Signed Releases</text>
  <text x="545" y="300" fill="#666" font-size="11">cosign + sigstore</text>
</svg>