Should all OpenSSF projects/repos have CII badges? #45
Comments
|
I would certainly encourage it :-). At least one does - the CII Best Practices badge project earns it own badge :-). If anyone needs help, I'd be happy to help. Send me an email at dwheeler AT linuxfoundation DOT org, or use the OpenSSF Slack. |
|
Yes! Big +1 on that. |
|
@dlorenc - do you want to start the process for OpenSSF Scorecard? We could get on a Zoom call together if you'd like, but we always urge project leads to start the process. |
|
I've done it a few times before, should be fine on that. I think the bigger issue is that we're likely not actually meeting all the requirements there yet! |
|
@dlorenc - that's okay! I think showing that things are "in progress" is precisely the right message to send. |
|
+1 our own projects getting badges helps on multiple levels: |
|
+100
Chris
… On Mar 4, 2022, at 8:53 AM, CRob ***@***.***> wrote:
+1 our own projects getting badges helps on multiple levels:
1.) shameless self-advertising
2.) spreading of security good practices
3.) show we respect and follow our own guidelines
4.) will give Badges project feedback to improve processes and overall quality of earning those badges
—
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
You are receiving this because you authored the thread.
|
|
It seems like this could be added at some point as an entry requirement to a stage in the Project Lifecycle document. |
|
This wlll be accounted for as this PR is merged - #226 |
|
pr merged 11dec2023 |
We should be eating our own cooking, don't you think?
The text was updated successfully, but these errors were encountered: