Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: add table to prioritize scorecard implementation #10

Merged
merged 6 commits into from
Mar 22, 2024
Merged

docs: add table to prioritize scorecard implementation #10

merged 6 commits into from
Mar 22, 2024

Conversation

inigomarquinez
Copy link
Member

@inigomarquinez inigomarquinez commented Mar 11, 2024

Description

Based on an Excel sheet of @UlisesGascon with all the packages of the express ecosystem (updated 1st February 2024), I have divided them into 5 blocks of 10 repositories each (plus a block of repositories with low priority as they may be deprecated and another block of repositories that may not be the focus of the scorecard, as they are used for documentation) to prioritize the OpenSSF score card implementation.

For that, I have sorted the repositories by the number of downloads per week and assigned them a priority between 1 (the most important) and 5 (the least important) in the Scorecard priority block column. All those repositories with low priority have a priority of 6.

The table is then sorted alphabetically.

This is an initial version, so feel free to add your feedback.

Context

As part of the OpenSSF Scorecard implementation, the first step will be defining the scope and priority of each repo so we can divide efforts when adding the scorecard to each repo.

@inigomarquinez inigomarquinez added the documentation Improvements or additions to documentation label Mar 11, 2024
@inigomarquinez inigomarquinez requested a review from a team March 11, 2024 16:59
@inigomarquinez inigomarquinez self-assigned this Mar 11, 2024
Copy link
Member

@UlisesGascon UlisesGascon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for consolidate it @inigomarquinez 🙌

tools/scope/packages-in-scope.md Outdated Show resolved Hide resolved
Co-authored-by: Ulises Gascón <ulisesgascongonzalez@gmail.com>
@wesleytodd
Copy link
Member

Did we cross reference this with the this? expressjs/admin#1

@carpasse
Copy link
Contributor

carpasse commented Mar 13, 2024

@inigomarquinez I've done the cross reference against the repos listed in expressjs/admin#1
Here are my findings:
packages-in-scope.md

Possible improvements to the scope table

  1. Create a table per org.
  2. Add a project name column
  3. Sort table rows by project name. It makes everything easier to find

P.S. @wesleytodd I think some of the repos listed this PR are not listed in expressjs/admin#1 I've listed them in the file with my findings in case you want to take a look

@inigomarquinez
Copy link
Member Author

inigomarquinez commented Mar 13, 2024

@carpasse , thanks for the idea. I've refactored the file to include the information you provide in the file in this commit

@wesleytodd , this should solve your comment.

Copy link
Member

@UlisesGascon UlisesGascon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks @inigomarquinez

@UlisesGascon UlisesGascon merged commit c714ed5 into expressjs:main Mar 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants