Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: rearrange and rename and add badges to meet current feature set #225

Draft
wants to merge 1 commit into
base: staging
Choose a base branch
from

Conversation

jenstroeger
Copy link
Owner

@jenstroeger jenstroeger commented Jun 22, 2022

Just playing around with badges, which ones we want to show and how…

license pre-commit conventional-commits black bandit codeql mypy flake8 pylint pytest hypothesis coverage

Here I focused more on the area and feature sets this repo offers, instead of having the badge show details for the specific feature.

Should we add a badge for SLSA level 1*, too (see issue #25) — slsa

What about a Scorecard badge (see issue #32) — is that a code qa badge, or ci?

What about the OSSF Best Practices badge (see issue #121) — is that a code qa badge, or ci?

—————
* We haven’t quite reached level 2 yet, have we?

@jenstroeger jenstroeger requested a review from behnazh June 22, 2022 00:01
Copy link
Owner Author

@jenstroeger jenstroeger left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the badge should read flake8.

@jenstroeger
Copy link
Owner Author

And for laffs & giggles we could consider using the LGBT Flag colors ☺️

@behnazh
Copy link
Collaborator

behnazh commented Aug 2, 2022

We can also add this SLSA badge now.

@jenstroeger
Copy link
Owner Author

jenstroeger commented Aug 2, 2022

We can also add this SLSA badge now.

That’s an SVG with an embedded data URL for the logo*. So, using the shields.io badges we already use I guess we can mimic that badge: slsa

That logo would deviate though from the pattern I considered establishing, where a badge has a “type” on the left (e.g. “security” or “ci”) and a value on the right (e.g. “bandit” and “CodeQL” for the “security” badge). The SLSA would be a “ci” badge, maybe?

—————
* I suggested to the SLSA folks to submit their logo to Simple Icons to make it available through a slug: slsa-framework/slsa#457

@jenstroeger
Copy link
Owner Author

jenstroeger commented Nov 2, 2022

And now this repo also supports pip-audit: pip-audit

@jenstroeger
Copy link
Owner Author

I rebased an updated this PR:

licensepre-commit conventional-commitsblackbandit codeql pip-auditslsamypy flake8 pylintpytest hypothesis coverage

@jenstroeger
Copy link
Owner Author

Oh, and Github can also create badges from workflow runs! @behnazh should we add the badges for a few of our important workflows, for example

Check and Release

CodeQL

Scorecards supply-chain security

@jenstroeger
Copy link
Owner Author

The actual Scorecard badge with current score: OpenSSF Scorecard

@jenstroeger
Copy link
Owner Author

Looks like the Conventional Commits folks provide their own badge: Conventional Commits

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants