Relatedly there s always a pile of stuff hanging around

Question

Relatedly there s always a pile of stuff hanging around <https bestpractices coreinfrastructure org en projects 3125>

Mike Myers · Answer

Yea have an assurance case is actually something that would check one of the Silver requirements

seph · Answer

I want to love the bestpractices project but I end up feeling like it s some weird committee driven mishmash of mediocre ideas

seph · Answer

have a roadmap extending a year makes no real sense for any kind of core infra project Like what do you think apache s roadmap is Keep working Go faster Works with standard bodies on http vwhatever

seph · Answer

Or have a test suite that captures bugs found Like maaaaybe That s complicated And depends on how subtle the bug is

seph · Answer

I can rattle off several things it might be cool for osquery to do But roadmap implies committed resources and I don t really feel like we have that And TBH I m not sure it would benefit the project Or even make it seem like we re more active I dunno it s like some central planning vs democracy style argument

Mike Myers · Answer

yea we can t plan a roadmap with a timeline because the funding contribution isn t that predictable

Mike Myers · Answer

it d just end up with a lot of people asking when we re going to get done is it done yet is it done yet

seph · Answer

Yep

Mike Myers · Answer

But if someone has the credentials to this site we can honestly check more of these Gold tier boxes <https bestpractices coreinfrastructure org en projects 3125 criteria level=2 analysis> at least two unassociated significant contributors include a copyright statement in each source file identifying the copyright holder include a license statement in each source file have at least 50 of all proposed modifications reviewed before release by a person other than the author

seph · Answer

I have access I m not sure who else does Either github owners or committers probably so you might

seph · Answer

Though I did just checky those