Open MarcSkovMadsen opened 1 year ago
No objection to adding a CONTRIBUTING.MD. @maximlt @droumis I think we should add that as part of the overhaul of the developer docs.
On the funding front I don't really get how they assess that.
Oh we should also have a documented security policy. I don't know offhand what the standard way of doing that is but we should set up a vulnerability disclosure program with a dedicated email address.
We now have same score as comparable frameworks. The thing we can improve is addd a security policy.
Snyk Advisor is a quick way to see if a package is safe to use. This might be used to pre-screen data app frameworks.
Both Streamlit and Dash score 97/100 points. Panel scores 90/100 points.
See https://snyk.io/advisor/python/panel
As far as I can see we are missing
Snyk also evaluates the usage of Panel as uncommon. There are not so many public projects using the framework. I don't know if this contributes to the score.
.