CII Best practices badge addition #5432
Comments
|
I think it's fine to add it here :) At least I don't mind the extra badge, cc @nodejs/website what y'all think about it? |
|
Fine by me FWIW. Does it need to be on the home page or could it be on another page? |
|
I think it's better to add that after Nodejs(line 1) or add a new section as |
|
Yeah I also believe it's better fitting on the README rather than the website itself. |
|
It would be ideal to have it in the repo readme; I'm about to begin an OpenJS Foundation initiative with the goal of having every Foundation project follow these best practices, which include displaying the badge - the website would count, but the repo feels more appropriate to me. |
|
I also don't mind an extra badge I checked other projects and I saw the badge is put in README under the project name... IMO it's more appropriate |
|
@UlisesGascon feel free to open a PR against our README. It sounds clear that the Website Team isn't against this. To be honest, I don't think this falls to the Website Team, since this is an OpenJS initiative (correct me if I'm wrong) and probably the @nodejs/tsc is more interested in knowing we're setting up a badge that will theoretically grant us a certain status. But again, I think we're fine with proceeding with getting this adopted here :) |
I don't think the website repo's README is what the requirement demands. The only reason for adding the badge is to comply with their demand, not to actually showcase it :) |
|
oh sorry, i meant the node repo was the more appropriate place to put it. |
|
We should either have it on nodejs/node#README.md or Node.js website to display the badge. Otherwise, the requirements won't be met. |
|
And to make sure everybody on the thread has the context, there were objections to adding it to the node repo README.md in nodejs/node#48427 when @UlisesGascon opened a PR to do that. That is why the request to add it to the Website. |
|
@nodejs/website can you help us to progress the initiative? We are submitting the Silver badge currently, and this is a requirement. Maybe we can include it in the footer? Not sure where we can include the badge in the website 🤔 |
|
I had a couple minutes and I mocked up what it would look like on the current site - the footer seems like an okay place to me. 
But the new proposed layout has vastly streamlined this area of the site and I feel like simply duplicating it in the new footer would be a mistake. If the rest of @nodejs/nodejs-website agrees...
|
|
Governance is about how decisions are made, not about technical rubrics. Perhaps under "about" or "security reporting"? |
|
Feels right under Security Reporting, yeah. |
|
do we know what content is within the new "Security Reporting" page? if it's just a rename of the current "Security" page, that wont work well - as that's just a link to https://github.com/nodejs/node/security/policy#security |
In order to obtain the silver level ( nodejs/security-wg#955 ) we will need to met this criteria:
It was not possible to be done in the Node
README.md(nodejs/node#48427)I am not very sure where this badge can be added in the website, this is the sample code that is provided.
Related:
cc: @nodejs/security
The text was updated successfully, but these errors were encountered: