All: We have a new badge-holder: Bareflank hypervisor.  Details:

  https://bestpractices.coreinfrastructure.org/projects/325

It “aims to provide all of the scaffolding needed to rapidly prototype new hypervisors.”

Overall it looks good.  It’s a GitHub-host project, so we already know how some of the questions typically get answered.  It’s in C++.  A few interesting points:

* For static analysis they use Clang-Tidy and Coverity.

* For the “Secure development knowledge” questions they justify their knowledge using linkedin URLs.  I think that is an *awesome* way to make that justification – maybe we should even modify the “details” text to mention that as a way to do it.  They’re the first to use a linkedin URL this way (see below for proof).

* They originally used a non-https URL for their project page, but that wasn’t necessary – they just needed to use their https URL instead, which is: <https://bareflank.github.io/hypervisor/>.  We could detect “http://NAME.github.io/” and automatically upgrade projects to their https address, since that’s a special but common case.

* They have a clear vulnerability reporting process that *requires* reports to be made public.  While that’s not the way I would personally do it, we *specifically* devised the criteria to permit this, because some projects do it that way… and they are quite clear about it.

They also have a video that lacks audio, but it still makes me want to try it out.  Hey, I *like* playing with stuff :-).

--- David A. Wheeler

P.S. I’m not just guessing regarding linkedin.  I ran this query, and this is the *only* matching record:

SELECT id,know_secure_design_justification,know_common_errors_justification FROM projects WHERE know_secure_design_justification LIKE '%linkedin%' OR know_common_errors_justification LIKE '%linkedin%';"

So this is an interesting first.