docs: add OpenSSF baseline guidance for the repository #1626

Description

@malsomesh9

Summary

The repository has an open PR #1579 that adds docs/openssf/*, but there is no issue tracking that documentation work.

Problem

Security and supply-chain expectations are easier to maintain when the project has an explicit record of which OpenSSF baseline practices it is targeting and how contributors can evaluate current status. Right now that effort is only visible in the PR itself.

Impact

Without a tracked issue, it is harder to:

  • discuss which OpenSSF baseline levels are in scope for the project
  • review the documentation as part of a broader security roadmap
  • follow up on gaps between current practice and the documented baseline

Suggested scope

  • add OpenSSF baseline documentation under docs/openssf/
  • describe the intended level(s) and what is already satisfied vs still pending
  • link the docs from the main contributor or security documentation entry points

Related work

Labels: documentation (Improvements or additions to documentation)
