Dear David and list, I believe a couple of things can be improved in the current CII-badges: 1. Early patching of critical vulnerabilities is not mandated: patching time frames are subjective and vuln

Just wondering what everyone's thoughts are about when a project should consider a particular issue related to the badging process to be completed. Can we / should we consider something completed only

We now have email reminders set to automatically start going out, beginning Sep 8 23:00 UTC. They’ll only go to projects where there’s been no update for at least 30 days, and either no reminders or t

Just received. -- Dan Kohn <mailto:dan@...> tel:+1-415-233-1000 ---------- Forwarded message ---------- From: badgeapp@... <badgeapp@...> Date: Tue, Sep 6, 2016 at 6:44 PM Subject: Your project does n

We have another badge: MagicMirror. Details: https://bestpractices.coreinfrastructure.org/projects/347 --- David A. Wheeler

We have some badge entries that haven’t updated for a while. Maybe we should start sending reminders. Proposal is here: https://github.com/linuxfoundation/cii-best-practices-badge/issues/487 I’d like

All: We have a new badge-holder: Bareflank hypervisor. Details: https://bestpractices.coreinfrastructure.org/projects/325 It “aims to provide all of the scaffolding needed to rapidly prototype new hyp

I’m *delighted* to report that LibreOffice just got a best practices badge! Details here: https://bestpractices.coreinfrastructure.org/projects/307 for more. I currently review all new passing badge f

When a project earns a badge they now get a congratulatory message flashed at the top of the page. However, I’d also like to automatically send the project entry owner an email, per: https://github.co

More good news. NTPSec just got their badge: https://bestpractices.coreinfrastructure.org/projects/79 OPNFV got a badge earlier, but here’s a post from today about their experience (I think it’s prett

A number of projects are close to a badge, but don’t (yet) quite have it. Perhaps the criteria are too hard. Perhaps the criteria are fine, but we’re asking people to make reasonable improvements (and

Dale Visser: > > Perhaps this suggests a new criterion... In a quick look through all > > the criteria on a current badge, I don't see any specifically > > suggesting regular reviews of library/packag

As you can see, we have great news - more projects have badges: * c-ares: https://bestpractices.coreinfrastructure.org/projects/291 - a dependency of curl’s * BRL-CAD: https://bestpractices.coreinfras

I finally pushed enough off my plate and found time to finish filling out BRL-CAD's badging, which I’d started 6 months ago. Happy to be #8 in the list and 28th to get to 100%. Here’s a retrospective

FYI, the site “HTTPSWatch” reports on sites’ HTTPS support by type of site. This one is especially relevant: https://httpswatch.com/programming The bottom line is that *some* sites are doing okay (Git

I don't post as much here about the "plumbing" of the BadgeApp web app, but some of you might be interested in the following. --- David A. Wheeler ============================== Last week (on August 1

Great news! The project “JSON for Modern C++” just got a badge: https://bestpractices.coreinfrastructure.org/projects/289 They started a badge entry 4 days ago (2016-08-15 07:12:13 UTC) and got the ba

Good news, we are seeing a significant influx in the number of projects pursuing a badge: https://bestpractices.coreinfrastructure.org/project_stats As of late yesterday we have 215 projects pursuing

It makes me happy to see this: https://bestpractices.coreinfrastructure.org/projects/88 Syncthing is my current chosen solution for keeping redundant copies and a local backup (using a portable HDD co

Good news, we continue to get more projects working on badges, including some pretty popular projects. Some projects that you’ve probably heard of include: * SQLite (DBMS): https://bestpractices.corei