Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Look into badge for our repo from OpenSSF #2933

Open
LeandraH opened this issue Sep 23, 2024 · 0 comments
Open

Look into badge for our repo from OpenSSF #2933

LeandraH opened this issue Sep 23, 2024 · 0 comments
Labels
CI/CD Changes in the CI discussion-needed documentation Improvements or additions to documentation not-testable Not testable by our tester Task

Comments

@LeandraH
Copy link
Contributor

LeandraH commented Sep 23, 2024

Is your feature request related to a problem? Please describe.
As Sven pointed out in https://chat.tuerantuer.org/digitalfabrik/pl/n93dgppw5jgojqbf4r1kit1rcw , there is a badge from Open Source Security Foundation about which best practices a repo follows. Maybe we want to implement that as well in our repo, to encourage us to implement / stick to best practices, and to show people who are interested in contributing that we care about security.

Here is the report for the CMS: https://securityscorecards.dev/viewer/?uri=github.com/digitalfabrik/integreat-cms

And a link to the best practices from the OpenSSF: https://www.bestpractices.dev/de

Describe the solution you'd like
Have a shiny new badge in our repo that says that we do a good job on security.

Describe alternatives you've considered
We could check on whether we follow the best practices without adding a badge. Or we could ignore this altogether.

@LeandraH LeandraH added documentation Improvements or additions to documentation Task discussion-needed CI/CD Changes in the CI not-testable Not testable by our tester labels Sep 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CI/CD Changes in the CI discussion-needed documentation Improvements or additions to documentation not-testable Not testable by our tester Task
Projects
Status: No status
Development

No branches or pull requests

1 participant