The keda project already has an OpenSSF Best Practices badge, see their README or the OpenSSF project.
Current status of this project: https://scorecard.dev/viewer/?uri=github.com/kedacore/http-add-on
We should improve this project to achieve at least the passing badge as well as it contains quite a few good checks/requirements like providing a SECURITY.md , tests in CI, a defined review process, security scanning, ...
We already have almost everything for the passing badge, there is not much to do.
Besides that, the badge also is a requirement for incubating and graduated CNCF projects, see https://github.com/cncf/toc/blob/fe9de66d2c4724d73986770a383ae717027a45e4/.github/ISSUE_TEMPLATE/template-incubation-application.md?plain=1#L236
I created a badge project and already filled out most of the fields: https://www.bestpractices.dev/en/projects/12745/passing
The keda project already has an OpenSSF Best Practices badge, see their README or the OpenSSF project.
Current status of this project: https://scorecard.dev/viewer/?uri=github.com/kedacore/http-add-on
We should improve this project to achieve at least the passing badge as well as it contains quite a few good checks/requirements like providing a SECURITY.md , tests in CI, a defined review process, security scanning, ...
We already have almost everything for the passing badge, there is not much to do.
Besides that, the badge also is a requirement for incubating and graduated CNCF projects, see https://github.com/cncf/toc/blob/fe9de66d2c4724d73986770a383ae717027a45e4/.github/ISSUE_TEMPLATE/template-incubation-application.md?plain=1#L236
I created a badge project and already filled out most of the fields: https://www.bestpractices.dev/en/projects/12745/passing