Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CII-Best-Practices for Nodejs: Silver level #955

Merged
merged 54 commits into from
Aug 21, 2023

Conversation

UlisesGascon
Copy link
Member

@UlisesGascon UlisesGascon commented Apr 16, 2023

Related #953

This pull request contains a dump of the current questions and answers for the Node.js project in OpenSSF Best Practices for Silver Level. The purpose is to review the current answers, update and comment on them until we have a final version, and then update the OpenSSF Best Practices site.

tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
Copy link
Member Author

@UlisesGascon UlisesGascon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nodejs/security I closed the previous discussions and I added new ones.

The new ones are the last step before we can merge it 🙌

tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
tools/ossf_best_practices/silver_criteria.md Outdated Show resolved Hide resolved
@UlisesGascon
Copy link
Member Author

UlisesGascon commented Jul 31, 2023

Ok, so we managed to close all the discussions! 🎉🎉

@nodejs/security: can you perform a final review and approve this version?

cc: @ljharb @richardlau @tniessen @ShogunPanda @BethGriggs

Copy link
Member

@ljharb ljharb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM pending the remaining threads

@UlisesGascon
Copy link
Member Author

UlisesGascon commented Aug 5, 2023

In the last team meeting (see) we agreed to ask for a final review from the @nodejs/tsc.

In the meantime I will start working on #956 and prepare the discussions

Copy link
Member

@RafaelGSS RafaelGSS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ping @nodejs/tsc

@UlisesGascon
Copy link
Member Author

Thanks a lot for all the hard work! ❤️

As agreed in our last meeting, I will merge this PR.

I hope to see the Silver badge soon 🙌

@UlisesGascon UlisesGascon merged commit b93ef8e into nodejs:main Aug 21, 2023
6 checks passed
@UlisesGascon UlisesGascon deleted the feat/best-practices-silver branch August 21, 2023 08:02
Comment on lines +92 to +94
The project repository front page and/or website MUST identify and hyperlink to any achievements, including this best practices badge, within 48 hours of public recognition that the achievement has been attained. (URL required)

**Met**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This appears to be missing the required URL.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, good catch @tniessen. We have an issue open for it: nodejs/nodejs.org#5432 (comment). I hope that we can integrate it in the website 🤞

patrickm68 added a commit to patrickm68/security-wg-process that referenced this pull request Sep 14, 2023
* feat: copied passing criterial Questions and Answers

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat:  update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* Update tools/ossf_best_practices/silver_criteria.md

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* Update tools/ossf_best_practices/silver_criteria.md

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat: update responses

* feat: update responses

* feat: update responses

* Update tools/ossf_best_practices/silver_criteria.md

* Update tools/ossf_best_practices/silver_criteria.md

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

---------

Co-authored-by: Ulises Gascón <[email protected]>
Co-authored-by: Marco Ippolito <[email protected]>
mattstern31 added a commit to mattstern31/security-wg-process that referenced this pull request Nov 11, 2023
* feat: copied passing criterial Questions and Answers

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Ulises Gascón <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* Update tools/ossf_best_practices/silver_criteria.md

Co-authored-by: Marco Ippolito <[email protected]>

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat:  update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* Update tools/ossf_best_practices/silver_criteria.md

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* Update tools/ossf_best_practices/silver_criteria.md

* feat: update responses

Ref: nodejs/security-wg#955 (comment)

* feat: update responses

* feat: update responses

* feat: update responses

* Update tools/ossf_best_practices/silver_criteria.md

* Update tools/ossf_best_practices/silver_criteria.md

* feat: update responses

ref: nodejs/security-wg#955 (comment)

* feat: update responses

ref: nodejs/security-wg#955 (comment)

---------

Co-authored-by: Ulises Gascón <[email protected]>
Co-authored-by: Marco Ippolito <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.