Is your feature request related to a problem? Please describe.
The CII Best Practices badge has a number of security-related criteria at 3 levels: passing, silver, and gold. It currently automates some of them, and more might be automatable. It'd be good to review its criteria to see what might be automatable in scorecard. I suspect this would be easier to do after completing #1032.
Describe the solution you'd like
Look at this full list of criteria (all tiers) with details, rationale, and autofill ideas. You may find some of them relatively easy to implement in scorecard. The "autofill" text are notes about how this might be done - if you want to see what the BadgeApp actually implements, see the source code of its detectives.
For example:
"The information on how to contribute SHOULD include the requirements for acceptable contributions (e.g., a reference to any required coding standard)." [contribution_requirements] - Look for a CONTRIBUTING{,.md,.txt,.html} file.
The project MUST enable one or more compiler warning flags, a "safe" language mode, or use a separate "linter" tool to look for code quality errors or common simple mistakes, if there is at least one FLOSS tool that can implement this criterion in the selected language. [warnings] - look for indicators in various config/build files