You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The OpenSSF staff will implement this for an OpenSSF repository,
46
47
but only on request (to avoid unnecessary work).
48
+
See the section [One-time setup](#one-time-setup)).
47
49
48
50
## Tips
49
51
@@ -58,11 +60,13 @@ Directory and file names with spaces are supported,
58
60
but not recommended, because the
59
61
resulting URLs look odd (space becomes `%20`).
60
62
63
+
In most cases documents should be in markdown format for ease of editing.
61
64
All markdown (`.md`) files will be converted into HTML (`.html`) files;
62
65
you can omit the trailing `.html` when accessing them using a web browser.
63
66
64
67
When using markdown:
65
68
69
+
* If the document is a draft, *clearly* indicate that.
66
70
* We recommend including `markdownlint` in your CI/CD, possibly configured
67
71
specially, to detect and prevent problems ahead-of-time.
68
72
* Try to limit yourself
@@ -137,13 +141,14 @@ Here's how to do that:
137
141
Select *Code and automation/Pages*. Under *Build and deployment* select
138
142
*Deploy from a branch* using branch `main` and folder `/docs`, then save.
139
143
Under *custom domain* enter your custom domain (e.g., `best.openssf.org`)
140
-
and select Save; this will create a file name`CNAME` in the root directory.
144
+
and select Save; this will create a file named`CNAME` in the root directory.
141
145
3.*Configure DNS*. Change the DNS setting for the
142
146
(new) domain name (e.g., `best.openssf.org`) so its `CNAME` points
143
-
to the *organization* GitHub site (e.g., `ossf.github.io`).
147
+
to `ossf.github.io` (the *organization* GitHub site).
144
148
Note that *every* repository of an organization uses the same `CNAME`
145
-
(GitHub uses the CNAME file in your repository to figure out which
146
-
site will be used). OpenSSF members
149
+
for this particular setting, and *not* the name of the specific repository.
150
+
GitHub instead uses the CNAME file in your repository to figure out
151
+
exactly which repository will be used. OpenSSF members
147
152
can just email `operations` at `openssf.org`;
148
153
Linux Foundation employees can send the request to
149
154
[LF support](https://support.linuxfoundation.org) or more specifically
@@ -163,15 +168,17 @@ Here's how to do that:
163
168
164
169
### Problem
165
170
166
-
The initial approach we (the OpenSSF) have been
167
-
been using for distributing most of our results has many problems.
168
-
The initial approach shows readers lots of
171
+
Only using the GitHub repository interface for distributing results
172
+
many drawbacks.
173
+
It shows readers lots of
169
174
irrelevant text (the GitHub source repo interface), we cannot control
170
175
its formatting, the URLs aren't related to our (`openssf.org`) domain,
171
176
most metadata (such as the description) is wrong, and search engines
172
177
are likely to give it low scores (because it's "just a random page
173
178
on GitHub"). For an example of this "ugly" view, see the
174
179
[Guide to implementing a coordinated vulnerability disclosure process for open source projects](https://github.com/ossf/oss-vulnerability-guide/blob/main/maintainer-guide.md)
180
+
The GitHub repository interface is *great* when making changes, but not
181
+
for sharing final document results.
175
182
176
183
There are a practically infinite number of ways to publish results
177
184
on a website that are better.
@@ -291,8 +298,8 @@ we have adequate solutions:
291
298
The "obvious" solution is to have a repo for just the CSS,
292
299
and then have all other OpenSSF repos include that CSS.
293
300
Then there would be one place to update CSS.
294
-
If we have that many repos, we can implement this, and have the
295
-
one-time cost of changing each publishing repo to use it.
301
+
If we have that many repos, we can implement this, and
302
+
change each publishing repo to use it.
296
303
2.*Abandoned domain names*. If a repo is deleted,
297
304
we also need to delete the repo entry.
298
305
Repo deletion is incredibly rare (we've never done it in 3 years),
@@ -319,7 +326,8 @@ we have adequate solutions:
319
326
The OpenSSF staff only plans to take the one-time SPP steps
320
327
by request, so they will only need to take those steps
321
328
if someone plans to use it.
322
-
5.*Forge changes*. We have no plans and no reason to stop using GitHub.
329
+
5.*Moving to another forge*.
330
+
We have no plans and no reason to stop using GitHub.
323
331
If we did move, however, the key components that implement this process
324
332
(the [Jekyll engine](https://jekyllrb.com/docs/),
325
333
the [`kramdown`](https://kramdown.gettalong.org/) markdown processor, and the
@@ -330,12 +338,15 @@ we have adequate solutions:
330
338
6.*Publication dates*. As currently implemented the SPP does not
331
339
automatically add publication dates. There are Jekyll
332
340
plug-ins we could use to create publication dates, but installing them
333
-
seems complex and probably not worth it. For now, we ask that
341
+
is complex and probably not worth it. For now, we ask that
334
342
groups just include the date in the document being published.
335
343
While groups could occasionally forget to update them,
336
344
this also means that the date will be robustly included in the file itself
337
345
once they are updated, and we expect people will easily understand
338
346
when they need to update a simple date.
347
+
7.*Sharing before official release*. It's important to be able to see
348
+
documents while they're being initially developed. Those documents can
0 commit comments