# core
s
Relatedly, there’s always a pile of stuff hanging around https://bestpractices.coreinfrastructure.org/en/projects/3125
m
Yea, "have an assurance case" is actually something that would check one of the Silver requirements
s
I want to love the bestpractices project, but I end up feeling like it’s some weird committee driven mishmash of mediocre ideas.
“have a roadmap extending a year” makes no real sense for any kind of core infra project. Like, what do you think Apache’s roadmap is? “Keep working. Go faster. Work with standards bodies on http vwhatever”
Or “have a test suite that captures bugs found”. Like maaaaybe? That’s complicated. And depends on how subtle the bug is
s
I can rattle off several things it might be cool for osquery to do. But roadmap implies committed resources, and I don’t really feel like we have that. And TBH I’m not sure it would benefit the project. Or even make it seem like we’re more active. I dunno. It’s like some central planning vs democracy style argument
m
yea we can't plan a roadmap with a timeline because the funding/contribution isn't that predictable
it'd just end up with a lot of people asking when we're going to get done, is it done yet, is it done yet?
s
Yep
m
But if someone has the credentials to this site, we can honestly check more of these Gold tier boxes. https://bestpractices.coreinfrastructure.org/en/projects/3125?criteria_level=2#analysis
• at least two unassociated significant contributors
• include a copyright statement in each source file, identifying the copyright holder
• include a license statement in each source file.
• have at least 50% of all proposed modifications reviewed before release by a person other than the author
s
I have access. I’m not sure who else does. Either GitHub owners or committers probably, so you might
Though I did just check those