Consider Translating the Threats Document to Markdown

ossf / wg-metrics-and-metadata

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.

https://openssf.org

Apache License 2.0

221 stars 42 forks source link

Consider Translating the Threats Document to Markdown #5

Open dlorenc opened 3 years ago

dlorenc commented 3 years ago

Consider translating the published threats doc to Markdown or another plain text format. That would allow others to contribute and make edits here in the repo.

stevespringett commented 3 years ago

If this document is going to be a living document, then I agree. Markdown would be ideal. All OWASP verification standards use this approach and we all use GitHub actions containing pandoc and supporting scripts that convert the markdown to pdf and doc on commit and release. This project could do something similar.

scovetta commented 3 years ago

Agree, this is a good idea!

GrooveCS commented 3 years ago

Hi @luigigubello,

I would like to support this effort. Where can I find information and resources on the approach, and where could I start. I can provide 2 to 4 hours a week of support at the moment.

Thank you.

GrooveCS commented 3 years ago

Thanks, @luigigubello, for the information in Slack I see this issue is associated with this PR #16

Luigi Gubello 5:59 PM ET, 31 March 2021 Hi :slightly_smiling_face: I have read your comment on Github, I don't know why that issue is still open, but we already have a markdown document: Threats, Risks, and Mitigations in the Open Source Ecosystem.md

Can one of the maintainers assist us with associating the PR #16 and closing this issues #5?

@scovetta @stevespringett