遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/4368/badge)](https://www.bestpractices.dev/projects/4368)
<a href="https://www.bestpractices.dev/projects/4368"><img src="https://www.bestpractices.dev/projects/4368/badge"></a>
Command-line tool for marking builds with too many warnings as failed. A command-line alternative for https://github.com/jenkinsci/warnings-plugin. Useable with plugin-less CI systems like Gitlab-CI and even Travis-CI
https://github.com/orgs/melexis/people (it has whole Melexis team accessible and there are also private contributors https://melexis.github.io/warnings-plugin/authors.html)
Private authors and Melexis team https://github.com/orgs/melexis/people (it has whole Melexis team accessible and there are also private contributors https://melexis.github.io/warnings-plugin/authors.html)
Every source file has SPDX entry. https://github.com/melexis/warnings-plugin/blob/master/src/mlx/warnings/warnings.py#L3 General license file has project name and contributors are publicly listed on the GitHub contributors page.
Every source file has SPDX entry. https://github.com/melexis/warnings-plugin/blob/master/src/mlx/warnings/warnings.py#L3
Repository on GitHub, which uses git. git is distributed.
Help wanted label: https://github.com/melexis/warnings-plugin/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22
Admins are required to use 2FA in GitHub
Admins are required to use 2FA in GitHub and use the keys.
CI ensures minimum standards and admins cannot merge until it is green.
Python script is not build, but package is reproducible and automated.
Uses tox https://github.com/melexis/warnings-plugin/blob/master/tox.ini
Travis-ci is used https://github.com/melexis/warnings-plugin/blob/master/.travis.yml
https://app.codecov.io/gh/melexis/warnings-plugin
project does not support network communications
Project websites have all the standard hardening headers. https://github.com/melexis/warnings-plugin // X-Content-Type-Options was not set to "nosniff".
We do check argument inputs, but we do not internally pull data from any other sources.
Codeclimate and CodeCov are used
Asserts are checked where applicable during the testing: https://github.com/melexis/warnings-plugin/blob/master/tests/test_config.py#L38
后退