...
Quality Goal | LFN Wiki | OpenSSF | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Project Vitals | Project Data Template (currently used both for induction and health review) | LFN Lifecycle states and guidelines (metrics per lifecycle stage) | Best Practices | Scorecard | ||||||||
Project Name | ☑️ | README-template.md | ||||||||||
Project Creation Date | ☑️ | |||||||||||
Project License | ☑️ | LICENSE; README-template.md | ||||||||||
Community Size | ☑️ | |||||||||||
Contributing organizations (Diversity) | ☑️ | ☑️ | ||||||||||
Number of contributors | ☑️ | |||||||||||
Legal Details and checks | ||||||||||||
Lifecycle Stage | ☑️ | |||||||||||
Release schedule | ☑️ | |||||||||||
Adoption | ☑️ | |||||||||||
Project & Community Resources | ||||||||||||
Website | ☑️ | README.md | ||||||||||
Wiki | ☑️ | README.md | ||||||||||
Mailing List | ☑️ | README.md | ||||||||||
Slack | ☑️ | README.md | ||||||||||
Community Meetings | ☑️ | README.md | ||||||||||
Project Governance | ||||||||||||
TSC/TOC | ☑️ | ☑️ | GOVERNANCE.md; GOVERNANCE-elections.md; GOVERNANCE-maintainer.md; | |||||||||
Charter | ☑️ | |||||||||||
Code of Conduct | ☑️ | CODE_OF_CONDUCT.md; README.md | ||||||||||
How to contribute | ☑️ | ☑️ | CONTRIBUTING.md; README.md | |||||||||
Project Roles | ☑️ | ☑️ | CONTRIBUTOR_LADDER.md | |||||||||
Maintainers | ☑️ | ☑️ | MAINTAINERS.md | |||||||||
How to Review | ☑️ | ☑️ | REVIEWING.md | |||||||||
Adding/Removing PTLs | ☑️ | ☑️ | MAINTAINERS.md ?? | |||||||||
Sub-Project Lifecycle | ☑️ | ☑️ | GOVERNANCE-subprojects.md | |||||||||
Dispute Resolution☑️ | ☑️ | |||||||||||
Adding/removing committers☑️ | ☑️ | Dispute resolution | ☑️ | |||||||||
Sub-projects without a lead | ☑️ | |||||||||||
Documentation | ||||||||||||
Technical Documentation | ||||||||||||
Contributor onboarding Documentation | ||||||||||||
Company Diversity (past 12 months) | ||||||||||||
Number of Contributors | ||||||||||||
Release Management | ||||||||||||
CI CD integration | ||||||||||||
Adoption | ||||||||||||
Security Design Principals | ||||||||||||
Use Case/ Problem Statement | ||||||||||||
Problem that project solves | ☑️ | README.md | ||||||||||
Use Cases Scenarios | ☑️ | README.md | ||||||||||
Infrastructure Tooling | ||||||||||||
Wiki | ☑️ | |||||||||||
Repos | ☑️ | |||||||||||
Bug Tracking tool | ☑️ | |||||||||||
Code review | ☑️ | |||||||||||
Documentation | ☑️ | |||||||||||
CI/CD tooling | ☑️ | |||||||||||
Collaboration Tooling | ☑️ | |||||||||||
Roadmap | ||||||||||||
Near/long-term objectives | ☑️ | |||||||||||
Milestones | ☑️ | |||||||||||
Risks/Challenges | ☑️ | |||||||||||
Timeline | ☑️ | |||||||||||
Security Best Practices | ||||||||||||
Security Contacts | SECURITY-CONTACTS.md | |||||||||||
Security Policy | SECURITY.md | |||||||||||
Code Scanning | ☑️ | |||||||||||
Seed code handoff | ☑️ | |||||||||||
Coding Standards | ☑️ | ☑️ | ||||||||||
Security design principals | ☑️ | OSSF Scorecard; OSSF Best Practices | ||||||||||
Vulnerability Reporting | ☑️ | |||||||||||
Demonstrate Security Awareness | ☑️ | |||||||||||
Practice Secure Lifecycle Management (per release) | ☑️ | |||||||||||
Documentation | ☑️ | |||||||||||
CI/CD best practices | ☑️ | |||||||||||
Secure project architecture | ☑️ | |||||||||||
Supply Chain Security | ☑️ | |||||||||||
SBOM creation | ☑️ | |||||||||||