Clarification of "active" and "stable" as factors for OSS SCRM. #13

Open
risacher opened this issue Jul 30, 2021 · 0 comments
@risacher
Owner

From JITC comment: "Coordinator Comment and Justification: Suggest coming up with a more granular set of analysis criteria than “active and stable.” What characterizes a project as active and stable? Yearly updates? Monthly? 10 contributors? Hundreds? The subjectivity here is wide reaching and could lead us down a dangerous path if we do not bound the criteria.

Coordinator Recommended Change: Provide clarification as to what it means for an Open Source project to be both “active” and “stable” in order for appropriate supply chain risk analysis to be performed."
