We’ve gotten feedback on the proposed criteria for higher levels, and tried to respond where we could (thanks to everyone!): https://github.com/linuxfoundation/cii-best-practices-badge/blob/master/doc

This is an automated monthly status report of the best practices badge application covering the month 2017-04. Here are some selected statistics for most recent completed month, preceded by the same s

All: FYI: This mailing list is managed by the Linux Foundation using mailman. By default, mailman sends a reminder message every month that includes your mailing list password (unique to each user and

This is an automated monthly status report of the best practices badge application covering the month 2017-04. Here are some selected statistics for most recent completed month, preceded by the same s

We intend to add a tweak to the criteria badging form, one which technically doesn’t change the criteria but will require a little more information from projects about static_analysis. Comments welcom

All – if you’re curious, here’s a presentation about the badging project’s status on Youtube: https://www.youtube.com/watch?v=0ubRjdm1QpY&feature=youtu.be This is basically a recording of the presenta

Thanks David! Based on our security practices, I suggested some criteria (#683 ~ #692) which mainly focused on crypto algorithm, secure delivery and code quality. Please post comments, suggestions on

FYI, we’ve made a number of improvements to the “BadgeApp” website: https://bestpractices.coreinfrastructure.org/ Some recent improvements include: * The user interface now has collapsible panels, and

All: Issue #674 proposes to slightly relax the passing criterion “release_notes_vulns”, which currently says: > “The release notes MUST identify every publicly known vulnerability that is fixed in eac

We have draft criteria for the proposed “higher-level” badges here: https://github.com/linuxfoundation/cii-best-practices-badge/blob/master/doc/other.md We’d love to get feedback (via this mailing lis

All: Like many other sites, the “BadgeApp” had problems on Feb 28, 2017. This was due to problems within Amazon services (specifically S3 and other services that depend on it). We missed getting a pro

We have an updated draft set of criteria for “passing+1” and “passing+2”: https://github.com/linuxfoundation/cii-best-practices-badge/blob/master/doc/other.md These are *not* the final product – but I

FYI, the badging application (“BadgeApp”) has just upgraded from Rails 4 to Rails 5. There were a number of issues that needed to be dealt with; my thanks to Dan Kohn for spearheading the work. If you

All: I'd like to start creating the criteria for "higher level" badges. Please reply, or add issues, for things you think should be included. A very early draft is here: https://github.com/linuxfounda

All: *Many* projects use GitHub pages with custom domains, but GitHub does not natively support HTTPS if you’re using GitHub pages with custom domains. I think we should make it clear that using a CDN

As you know, most OSS projects today use a repository hosting service (aka "forge"), GitHub being the most popular. This means that many OSS projects have had trouble meeting criterion "sites_https" b

Even more good news - SourceForge is now also supporting HTTPS for project webistes, which makes meeting criterion "https_sites" even easier for some people. Details here: https://sourceforge.net/blog

FYI - The GitLab Enterprise Edition has supported “GitLab Pages” (which serve static pages similar to GitHub pages). Recently GitLab has announced that they’re adding “GitLab Pages” to their open sour

Great news - Blender now has a badge! Details here: https://bestpractices.coreinfrastructure.org/projects/286 For those who don't know, Blender is a free and open source 3D creation suite, whose websi

I’m thinking that perhaps we should add some test coverage measurements for higher-level badges (NOT for “passing”). However, there are many options, and a variety of pros and cons. Below are some of