-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CII Best practices badge addition #5432
Comments
I think it's fine to add it here :) At least I don't mind the extra badge, cc @nodejs/website what y'all think about it? |
Fine by me FWIW. Does it need to be on the home page or could it be on another page? |
I think it's better to add that after Nodejs(line 1) or add a new section as |
Yeah I also believe it's better fitting on the README rather than the website itself. |
It would be ideal to have it in the repo readme; I'm about to begin an OpenJS Foundation initiative with the goal of having every Foundation project follow these best practices, which include displaying the badge - the website would count, but the repo feels more appropriate to me. |
I also don't mind an extra badge I checked other projects and I saw the badge is put in README under the project name... IMO it's more appropriate |
@UlisesGascon feel free to open a PR against our README. It sounds clear that the Website Team isn't against this. To be honest, I don't think this falls to the Website Team, since this is an OpenJS initiative (correct me if I'm wrong) and probably the @nodejs/tsc is more interested in knowing we're setting up a badge that will theoretically grant us a certain status. But again, I think we're fine with proceeding with getting this adopted here :) |
I don't think the website repo's README is what the requirement demands. The only reason for adding the badge is to comply with their demand, not to actually showcase it :) |
oh sorry, i meant the node repo was the more appropriate place to put it. |
We should either have it on nodejs/node#README.md or Node.js website to display the badge. Otherwise, the requirements won't be met. |
And to make sure everybody on the thread has the context, there were objections to adding it to the node repo README.md in nodejs/node#48427 when @UlisesGascon opened a PR to do that. That is why the request to add it to the Website. |
@nodejs/website can you help us to progress the initiative? We are submitting the Silver badge currently, and this is a requirement. Maybe we can include it in the footer? Not sure where we can include the badge in the website 🤔 |
I had a couple minutes and I mocked up what it would look like on the current site - the footer seems like an okay place to me. But the new proposed layout has vastly streamlined this area of the site and I feel like simply duplicating it in the new footer would be a mistake. If the rest of @nodejs/nodejs-website agrees...
|
Governance is about how decisions are made, not about technical rubrics. Perhaps under "about" or "security reporting"? |
Feels right under Security Reporting, yeah. |
do we know what content is within the new "Security Reporting" page? if it's just a rename of the current "Security" page, that wont work well - as that's just a link to https://github.com/nodejs/node/security/policy#security |
In order to obtain the silver level ( nodejs/security-wg#955 ) we will need to met this criteria:
It was not possible to be done in the Node
README.md
(nodejs/node#48427)I am not very sure where this badge can be added in the website, this is the sample code that is provided.
Related:
cc: @nodejs/security
The text was updated successfully, but these errors were encountered: