OWASP / API-Security

OWASP API Security Project
https://owasp.org/www-project-api-security/

OSSF passing - release notes for 2023 #115

Closed vanderaj closed 1 year ago

vanderaj commented 1 year ago

The OpenSSF badge requires release notes for the release. These don't currently exist.

"The project MUST provide, in each release, release notes that are a human-readable summary of major changes in that release to help users determine if they should upgrade and what the upgrade impact will be. The release notes MUST NOT be the raw output of a version control log (e.g., the "git log" command results are not release notes). Projects whose results are not intended for reuse in multiple locations (such as the software for a single website or service) AND employ continuous delivery MAY select "N/A". {N/A justification} {Met URL} [release_notes]"

ErezYalon commented 1 year ago

@vanderaj, the necessity of the release notes is clear. Regarding the badge, do we really need an OpenSSF badge for a document?

PauloASilva commented 1 year ago

In fact, our releases are tagged and include release notes. Nevertheless, since we're using conventional commits and the git flow branching model, it should be fairly easy to update a tracked RELEASE_NOTES file.

PauloASilva commented 1 year ago

The 2023 edition has a Release Notes section. Project releases are tagged with a version number and include release notes too: e.g. v2.2.0