jeremyrickard · 37.0/100 — Rate My GitHub

01 · Roasts

173 Repos, 22 Total Stars

You've created 173 public repositories and collectively earned 22 stars. That's a batting average that would get you cut from a T-ball team. kubecon-signed-sealed alone has 19 of them — the other 172 repos are basically carrying 3 stars between them.

notation-attach: The 3-Hour Wonder

notation-attach was created and last pushed on the same day (2023-04-14) in a 3-hour window, has a single-line README, and zero tests. This is not a repository. This is a sticky note that GitHub charged you a URL for.

87% of Your Repos Are Abandoned

A stale repo ratio of 0.87 means 151+ of your 173 repos haven't been touched in over 2 years. Your GitHub profile is less a portfolio and more an archaeological dig site. Future engineers will carbon-date your commits.

33 Commits in a Year

With 33 public commits in the past year across 173 repos, you're averaging less than one commit every 10 days. Your heatmap looks like someone sneezed on a calendar — bursts of activity followed by weeks of existential silence.

89% Go, Zero Versatility

Go makes up 89% of your language footprint, and every single scored repo is a Go CLI/plugin in the CNCF supply chain security niche. That's not a specialization — that's a recurring pattern of conference prep. Branch out or become a gopher museum exhibit.

Built using

Zoral

Shadows one worker for a week, then takes over their job with zero extra setup. Behaves exactly like the original.

zoral.ai

02 · Category breakdown

Impact
25% weight
28F
Consistency
20% weight
30F
Quality
20% weight
57D
Depth
15% weight
35F
Breadth
10% weight
28F
Community
10% weight
40D

03 · Stats

365-day commit heatmap

224 active days

Less

Language distribution

7 langs

Go89%
HTML3%
CSS3%
Java1%
Shell1%
JavaScript1%
Other2%

04 · Numbers

Owned repos

non-fork

Commits

last 12 months

Followers

108

Joined GitHub

Nov 2017

05 · Top repos

jeremyrickard /

kubecon-signed-sealed

40/100

Supply chain security demo project integrating container signing (Notation), image retagging (Go CLI), Flux/OCI artifacts, and Kyverno policies for KubeCon 2025 talk.

I25Q60D35

READMETestsCITyped

Go★ 191y ago

jeremyrickard /

ratify-package-checker

32/100

A targeted Ratify plugin for package verification that checks SPDX documents against disallowed licenses and package versions. Written in Go with proper structure, types, and CI, but narrow scope and minimal adoption.

I25Q50D20

READMECITyped

Go★ 13y ago

jeremyrickard /

notation-attach

15/100

Minimal utility repo with single commit (2023-04-14), sparse documentation, and no tests or CI. Only a one-line README describing notation signature attachment functionality.

I15Q25D5

README

Unknown★ 13y ago

06 · Timeline

Nov 22, 2017
Joined GitHub
Apr 11, 2023
Created ratify-package-checker — A ratify plugin that looks for specific packages
Apr 14, 2023
Created notation-attach — A simple utility for attaching externally generated notation signatures to an artifact
Apr 1, 2025
Created kubecon-signed-sealed
Apr 1, 2025
Most recent push to kubecon-signed-sealed

07 · Compare

Compare jeremyrickard against

github.com/

jeremyrickard · 6dmedian coder

08 · Rubric

How this score was produced

Overall = Σ (category × weight) + gentle top-end curve

CategoryWeightScoreContrib.

Raw total36.4

Top-end curve+0.6

Final overall37.0

Tier thresholds

S90–100Mass-producing humansA80–89Ship machineB70–79Solid engineerC60–69Getting thereD40–59README enthusiastF0–39GitHub tourist

▸ How the pipeline works

01Scrape.Pull every non-fork repo pushed in the last 90 days, plus your contribution calendar, followers, and language byte counts — straight from GitHub's REST & GraphQL APIs.
02Triage.A small model reads every repo's file tree + README and picks the 20 files per repo that actually reveal how you code.
03Grade each repo. All repos run in parallel through a fast scoring model that reads the picked files and rates each one independently on Impact, Quality, and Depth — with evidence citations.
04Aggregate. A larger reasoning model combines the per-repo scores with server-computed stats (heatmap, commit cadence, language entropy, follower count) to produce the 6-dimension profile score + roasts.
05Correct.Deterministic server-side checks enforce anchor-scale floors (e.g. a profile with 2,000+ public commits can't score 30 Consistency) and recompute the final verdict.

~90 seconds per profile, ~$0.25 in compute. Total of ~240 files read across your top-12 repos. One rating per GitHub account per day.

▸ Data sources & caveats

Heatmap & commit totals: GitHub GraphQL contributionsCollection — covers the last 365 days, includes private repos when the user has opted in (default).
Language %: byte totals across the top 30 owned non-fork repos.
Curve: a small upward nudge centered on raw score ≈ 70, capping at 100. Prevents specialists from being unfairly penalised for narrow breadth.
Anchor corrections: when server-measured signals (e.g. privateWorkLikely, multiRepoVolume, follower count) mandate a minimum category score, the aggregation step enforces it. These are signal-conditional, not identity-based floors.