Add fields for OpenSSF Best Practices Badge, fixes #93 #94
Conversation
Signed-off-by: David A. Wheeler <[email protected]>
|
Here's my attempt to add support for all (important) OpenSSF Best Practices Badge data to SECURITY-INSIGHTS. Comments welcome. @eddie-knight @SecurityCRob |
|
Note: It might be better if some or all of the "special keys" went to "headers" instead. If so, we'd need to figure out what the current URL is (repo_url or project_url?). The list aof implementation languages should perhaps be an array of strings instead. The current criteria keys could be explicitly listed (for simplicity I didn't do that)... that would be easy to generate with a script. |
|
Also, maybe "license" should be named "license_expression" to make it more obvious what it is. |
|
I'm labeling this as draft, I think many keys need to move to headings. I'd love to hear thoughts |
Signed-off-by: David A. Wheeler <[email protected]>
This also checks in a small script that can automatically regenerate this section. The script makes it easier to make mass changes/updates. Signed-off-by: David A. Wheeler <[email protected]>
|
I think it's ready now, but this needs review. Comments welcome. |
|
We'll need to continue this discussion in light of the recent changes in the v2 release. The PR linked above might be a good starting point. I'll also make note of this on #93. |
No description provided.