Skip to content

docs: add openssf silver badge compliance documents#233

Merged
rhuanbarreto merged 4 commits into
mainfrom
docs/openssf-silver-badge
Apr 26, 2026
Merged

docs: add openssf silver badge compliance documents#233
rhuanbarreto merged 4 commits into
mainfrom
docs/openssf-silver-badge

Conversation

@rhuanbarreto

Copy link
Copy Markdown
Contributor

Summary

  • Add ROADMAP.md — public-facing roadmap through Phase 3 (ecosystem growth), derived from internal strategic/tactical plans. Satisfies documentation_roadmap (MUST).
  • Add ASSURANCE-CASE.md — security assurance case with threat model (7 threats), trust boundary diagram, secure design principles, and countermeasures. Satisfies assurance_case (MUST).
  • Add MAINTAINERS.md — maintainer list, access continuity plan with all critical access points and backup mechanisms. Satisfies access_continuity (MUST) and documents bus_factor (SHOULD).
  • Add DCO enforcement.github/workflows/dco.yml workflow + DCO section in CONTRIBUTING.md with sign-off instructions. Satisfies dco (SHOULD).
  • Add OpenSSF Best Practices badge to README.
  • Fix stale credential references — updated 11 doc files (EN + PT-BR) across security guide, plugin guides, and CLI reference to reflect current implementation: tokens stored exclusively in OS credential manager via git credential approve, no plain-text files on disk.

After merging, update the badge application with URLs to the new documents and mark internationalization as N/A (developer CLI tool; docs already i18n'd with EN + PT-BR).

Test plan

  • Verify ROADMAP.md renders correctly on GitHub
  • Verify ASSURANCE-CASE.md trust boundary diagram renders in monospace
  • Verify MAINTAINERS.md renders correctly
  • Verify DCO workflow syntax is valid (check Actions tab after push)
  • Verify CONTRIBUTING.md DCO section has correct sign-off instructions
  • Verify credential references are updated in all EN and PT-BR docs
  • Verify OpenSSF badge renders in README

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Apr 26, 2026

Copy link
Copy Markdown

Deploying archgate-cli with  Cloudflare Pages  Cloudflare Pages

Latest commit: c644da9
Status: ✅  Deploy successful!
Preview URL: https://9cb85256.archgate-cli.pages.dev
Branch Preview URL: https://docs-openssf-silver-badge.archgate-cli.pages.dev

View logs

rhuanbarreto and others added 4 commits April 26, 2026 21:48
Add ROADMAP.md, MAINTAINERS.md, ASSURANCE-CASE.md, and DCO
enforcement workflow to satisfy the remaining OpenSSF Best Practices
Silver badge criteria (documentation_roadmap, assurance_case,
access_continuity, dco).

Update all credential references across English and Portuguese docs
to reflect the current implementation: tokens are stored exclusively
in the OS credential manager via git credential approve — no
plain-text files on disk.

Signed-off-by: Rhuan Barreto <rhuan@barreto.work>
Signed-off-by: Rhuan Barreto <rhuan@barreto.work>
Signed-off-by: Rhuan Barreto <rhuan@barreto.work>
Replace nonexistent dkhamsing/check-dco action with a self-contained
shell script. Run oxfmt on new markdown files.

Signed-off-by: Rhuan Barreto <rhuan@barreto.work>
@rhuanbarreto rhuanbarreto force-pushed the docs/openssf-silver-badge branch from 2c24a61 to c644da9 Compare April 26, 2026 19:48
@rhuanbarreto rhuanbarreto changed the title docs: OpenSSF Silver badge compliance docs: add openssf silver badge compliance documents Apr 26, 2026
@rhuanbarreto rhuanbarreto merged commit 0789cec into main Apr 26, 2026
14 of 16 checks passed
@rhuanbarreto rhuanbarreto deleted the docs/openssf-silver-badge branch April 26, 2026 20:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant