https://bestpractices.coreinfrastructure.org/
The Linux Foundation (LF) Core Infrastructure Initiative (CII) Best Practices badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Projects can voluntarily self-certify, at no cost, by using this web application to explain how they follow each best practice. The CII Best Practices Badge is inspired by the many badges available to projects on GitHub. Consumers of the badge will be able to quickly assess which FLOSS projects are following best practices and as a result are more likely to produce higher-quality secure software.
Are there any objections why Solus shouldn't participate?
Description
Description
Event Timeline
Comment Actions
This is for software projects - not entire distros. If folks are choosing distros based on an absurd badge which is backed by a corporate
consortium including members such as Google, Intel, IBM, Amazon, etc, how much do they actually care about freedom?
I don't see this as applicable to Solus
Comment Actions
What about eopkg/sol then? dpkg has apparently joined: https://bestpractices.coreinfrastructure.org/users/902
The list of suggested improvements is very good: https://github.com/coreinfrastructure/best-practices-badge
Reproducible builds would certainly be great to have: https://reproducible-builds.org/
Comment Actions
We have reproducible builds for a large portion of Solus already. As and when we have GCC 7.3 we'll support SOURCE_DATE_EPOCH and we can greatly improve
the reproducability of the remaining stragglers.
I'm not sure why you're suggesting these things without first knowing how Solus already works.