Tracking here, but in all of our repos (PMAT, PMA, APIs, Contracts, ???) check out the following list from Giacomo and implement what's missing:
Suggested Best Practices and contact points:
add a README.md file and set guidelines for repository contributors, see this detailed guide from GitHub
add branch protection to the main branch, only allow PR merge with at least 1 reviewer/owner
add a proper .gitignore file based on the project, here is a comprehensive list
run sanity checks for credentials and sensitive information to prevent data leaks (catch up with the Security team - @Denis)
add vulnerability scans and static code checks (catch up with the Security team - @Denis)
remove comments on issues and PRs at least until the repo gets traction (there have been attacks that leverage comments to distribute malware)
choose a proper software license for the project: https://choosealicense.com/ . Catch up with the Legal team if there are specific requirements or needs so they can advise on the right legal framework to adopt
create tagged releases by following common software development principles (e.g. vMajor.Minor.Patch) and provide a changelog for the release