The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects.