Projects that follow the best practices below can voluntarily self-certify and show that they have achieved the Core Infrastructure Initiative (OpenSSF) badge.
<a href="https://www.bestpractices.dev/projects/7021"><img src="https://www.bestpractices.dev/projects/7021/badge"></a>
Squey is an open-source visualization software designed to interactively explore and understand large amounts of tabular data.
https://gitlab.com/squey/squey/-/blob/main/CONTRIBUTING.md
Visualization of the project Bus factor: https://gitlab.com/squey/squey/-/wikis/uploads/9353026cb6973778fe7c8722f2ee5cb4/image.png
All accounts related to the project, such as the GitLab group, DNS zone, web analytics (Piwik Pro, Google Web Console), and social network accounts (YouTube, LinkedIn, X), are managed by at least two people.
https://gitlab.com/squey/squey/-/issues
The CONTRIBUTING.md document specifies that the code should be tested: https://gitlab.com/squey/squey/-/blob/main/CONTRIBUTING.md
Two compilers (g++ and clang++) are used to build the project in order to have the best warnings coverage possible.
The software has no need to directly use cryptographic capabilities.
A SAST target is enabled in the CI/CD script, which runs "flawfinder" and "semgrep" daily: https://gitlab.com/squey/squey/-/blame/main/.gitlab-ci.yml#L127
The SAST vulnerability report can be found here: https://gitlab.com/squey/squey/-/security/vulnerability_report