The CII Best Practices production (“real”) site has a new criterion, “maintained”. My thanks to the many who provided excellent feedback through this process. I did make a mistake; I forgot to do a “t

I think we’re ready to deploy the “maintained” criterion. We had some hiccups/adventures in our test framework & cache purging system. It’s been so long since we’ve added/removed criteria that adding

I’ve learned that some projects have achieved badge, but have since expressly moved into an “unmaintained status”. The question is, what (if anything) should be done? My initial thinking is that “as l

One of the criteria for gaining a gold badge listed under the change control heading is: The project MUST require two-factor authentication (2FA) for developers for changing a central repository or ac

FYI: It’s important that the CII Best Practices badge site be fast enough & scale well, so that people will be willing to work on getting badges & be willing to view badges. I’ve been monitoring it to

Wanted: More people to review changes to the CII Best Practices BadgeApp (the code that manages the site). For a while I’ve done most code changes, with Jason Dossett & Dan Kohn reviewing. Dan Kohn sa

We’re having some troubles with the CII Best Practices badge website involving sendgrid. For the moment I’ve temporarily switched it to “no login” mode. I’m sorry for the inconvenience & we’re working

FYI: LF Edge’s "Home Edge” project got a CII Best Practices passing badge and publicly discussed their (positive) experience. Below are the details. I’m always happy to hear positive experiences, and

If you're using the CII Best Practices badge API, please don’t use the HTTP "Accept” header to state what format you want. That deprecated capability will soon stop working. Instead, indicate your des

FYI: We have 3,682 participating projects as of 2021-03-04. If our current 1-year trend continues precisely ((3682-2986)/365=1.9 projects/day), we will reach 4,000 participating projects around August

All, I thought I’d give you an update on some of the things going on with the CII Best Practices badge project: * We’ve upgraded to Rails 6.1! We’ve been stuck on Rails 5.X for some time, but after so

This is an automated monthly status report of the best practices badge application covering the month 2021-01. Here are some selected statistics for most recent completed month, preceded by the same s

FYI: the CII Best Practices badge project’s web application is slowly working to transition from Rails 5 to Rails 6. The code generally works on Rails 6 already; the problem is that we’ve always done

The criterion “license_location” says: > The project MUST post the license(s) of its results in a standard location in their source repository. {Met URL} [license_location] Issue #1544 proposes to als

FYI: The "Report on the 2020 FOSS Contributor Survey” has been released from the Linux Foundation & The Laboratory for Innovation Science at Harvard. Authors are: Frank Nagle (Harvard Business School)

FYI, I thought it might be useful to summarize recent minor updates to the CII Best Practices badge. They don’t change anything substantive, but I wanted to make sure you were aware of them. Hopefully

This is an automated monthly status report of the best practices badge application covering the month 2020-12. Here are some selected statistics for most recent completed month, preceded by the same s

We have several proposed tweaks to the CII Best Practices criteria or related text. Comments are very welcome in either the specific GitHub issue or here on the mailing list. Details below. --- David

FYI: I was on FLOSS Weekly #609 to talk about “Open Source Security”. It’s available here: https://twit.tv/shows/floss-weekly/episodes/609?autostart=false I pointed out the CII Best Practices badge, t

All: Now that the CII Best Practices badge is part of the OpenSSF, there needs to be a discussion about whether or not it should eventually be rebranded to specifically note the OpenSSF, and if so, wh