Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions .bestpractices.json
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,17 @@
"interact_justification": "GitHub Issues for bug reports and discussion, SECURITY.md for private vulnerability disclosure (GitHub Security Advisories). Both linked from README.",
"interact_url": "https://github.com/RandomCodeSpace/otelcontext/issues",
"contribution_status": "Met",
"contribution_justification": "Contribution process documented in CONTRIBUTING.md (PR template, conventional commits, test + vet + lint requirements).",
"contribution_justification": "Contribution process documented in CONTRIBUTING.md (PR template, conventional commits, test + vet + lint requirements): https://github.com/RandomCodeSpace/otelcontext/blob/main/CONTRIBUTING.md",
"contribution_url": "https://github.com/RandomCodeSpace/otelcontext/blob/main/CONTRIBUTING.md",
"contribution_requirements_status": "Met",
"contribution_requirements_justification": "CONTRIBUTING.md documents PR requirements: `go test -race ./...` passing, `go vet ./...` clean, golangci-lint clean, Semgrep + OSV-Scanner + Trivy + Gitleaks security stack green, Conventional Commit style.",
"contribution_requirements_justification": "CONTRIBUTING.md documents PR requirements: `go test -race ./...` passing, `go vet ./...` clean, golangci-lint clean, Semgrep + OSV-Scanner + Trivy + Gitleaks security stack green, Conventional Commit style. See https://github.com/RandomCodeSpace/otelcontext/blob/main/CONTRIBUTING.md",
"contribution_requirements_url": "https://github.com/RandomCodeSpace/otelcontext/blob/main/CONTRIBUTING.md",
"floss_license_status": "Met",
"floss_license_justification": "MIT \u2014 https://opensource.org/licenses/MIT",
"floss_license_osi_status": "Met",
"floss_license_osi_justification": "MIT is OSI-approved.",
"license_location_status": "Met",
"license_location_justification": "LICENSE.md at repository root.",
"license_location_justification": "LICENSE.md at repository root: https://github.com/RandomCodeSpace/otelcontext/blob/main/LICENSE.md",
"license_location_url": "https://github.com/RandomCodeSpace/otelcontext/blob/main/LICENSE.md",
"documentation_basics_status": "Met",
"documentation_basics_justification": "README.md covers what otelcontext is, how to run it, ports/protocols (OTLP gRPC :4317, HTTP :8080), database driver options, TLS bootstrap, and authentication. CLAUDE.md documents the architecture (ingestion, GraphRAG, MCP, storage, configuration).",
Expand Down Expand Up @@ -65,12 +65,12 @@
"version_tags_justification": "Tagged releases are published on GitHub.",
"version_tags_url": "https://github.com/RandomCodeSpace/otelcontext/tags",
"release_notes_status": "Met",
"release_notes_justification": "GitHub auto-generates release notes from PR titles for each tag; releases are listed at the URL below. Pre-1.0 cadence ships beta tags from main.",
"release_notes_justification": "GitHub auto-generates release notes from PR titles for each tag; releases are listed at https://github.com/RandomCodeSpace/otelcontext/releases . Pre-1.0 cadence ships beta tags from main.",
"release_notes_url": "https://github.com/RandomCodeSpace/otelcontext/releases",
"release_notes_vulns_status": "Met",
"release_notes_vulns_justification": "Security fixes are landed in tagged commits with `fix(security):` Conventional-Commit prefix and surface in the auto-generated release notes (e.g. commit 89de89a `fix(security): patch HIGH/CRITICAL vulns flagged by OSV+Trivy on PR #34 (RAN-56)`).",
"report_process_status": "Met",
"report_process_justification": "SECURITY.md documents how to report bugs (GitHub Issues) vs vulnerabilities (private GitHub Security Advisory or email fallback to ak.nitrr13@gmail.com with `[otelcontext security]` subject prefix).",
"report_process_justification": "SECURITY.md documents how to report bugs (GitHub Issues) vs vulnerabilities (private GitHub Security Advisory or email fallback to ak.nitrr13@gmail.com with `[otelcontext security]` subject prefix). See https://github.com/RandomCodeSpace/otelcontext/blob/main/SECURITY.md",
"report_process_url": "https://github.com/RandomCodeSpace/otelcontext/blob/main/SECURITY.md",
"report_tracker_status": "Met",
"report_tracker_justification": "GitHub Issues is the public bug tracker.",
Expand All @@ -80,13 +80,13 @@
"enhancement_responses_status": "Met",
"enhancement_responses_justification": "Enhancement requests are triaged via GitHub Issues; maintainer responds within 14 days.",
"report_archive_status": "Met",
"report_archive_justification": "GitHub Issues serves as the public archive of bug reports (open + closed). GitHub Security Advisories archives coordinated-disclosure reports.",
"report_archive_justification": "GitHub Issues is the public, searchable archive of bug reports, open and closed: https://github.com/RandomCodeSpace/otelcontext/issues?q=is%3Aissue . GitHub Security Advisories archives coordinated-disclosure reports.",
"report_archive_url": "https://github.com/RandomCodeSpace/otelcontext/issues?q=is%3Aissue",
"vulnerability_report_process_status": "Met",
"vulnerability_report_process_justification": "SECURITY.md is the canonical disclosure entry point: preferred channel is GitHub Security Advisory (private), with email fallback. Acknowledgement SLA: 5 business days. Triage SLA for High/Critical: 10 business days. Default embargo: 90 days or first patched release.",
"vulnerability_report_process_justification": "SECURITY.md is the canonical disclosure entry point: preferred channel is a private GitHub Security Advisory, with email fallback. Acknowledgement SLA 5 business days; triage SLA 10 business days for High/Critical; default embargo 90 days or first patched release. See https://github.com/RandomCodeSpace/otelcontext/blob/main/SECURITY.md",
"vulnerability_report_process_url": "https://github.com/RandomCodeSpace/otelcontext/blob/main/SECURITY.md",
"vulnerability_report_private_status": "Met",
"vulnerability_report_private_justification": "GitHub private vulnerability reporting is the preferred channel; advisories are filed at the URL below.",
"vulnerability_report_private_justification": "GitHub private vulnerability reporting is the preferred channel; advisories are filed at https://github.com/RandomCodeSpace/otelcontext/security/advisories/new",
"vulnerability_report_private_url": "https://github.com/RandomCodeSpace/otelcontext/security/advisories/new",
"vulnerability_report_response_status": "Met",
"vulnerability_report_response_justification": "SECURITY.md commits to acknowledgement within 5 business days and a fix triage decision within 10 business days for High/Critical.",
Expand Down