BadgeApp

Udhibiti wa Mabadiliko 9/9 ●

Hifadhi ya chanzo ya kudhibiti toleo ya hadharani
Criterion [repo_public]
Umetimizwa

Haujatimizwa

?

Mradi LAZIMA uwe na hifadhi ya chanzo ya kudhibiti toleo ambayo inaweza kusomwa hadharani na ina URL. ^{[repo_public]}
URL YAWEZA kuwa sawa na URL ya mradi. Mradi YAWEZA kutumia matawi ya faragha (yasiyo ya umma) katika hali maalum wakati mabadiliko hayajatolewa hadharani (k.m., kwa kurekebisha udhaifu kabla haujafichuliwa kwa umma).
The project uses a public GitHub repository with Git version control:
1. Version Control System: Git
  
  Full commit history preserved
  
  Branching and tagging support
  
  Distributed version control
2. Publicly Readable:
  
  No authentication required to view
  
  Source code browsable via web
  
  Clone/download available to anyone
3. Repository URL:
  
  Primary: https://github.com/LatticeArc/latticearc
  
  Git clone: git@github.com:LatticeArc/latticearc.git
4. Features:
  
  Commit history visible
  
  Blame/annotation available
  
  Diff viewing
  
  Branch/tag browsing
URL: https://github.com/LatticeArc/latticearc
Criterion [repo_track]
Umetimizwa

Haujatimizwa

?

Hifadhi ya chanzo ya mradi LAZIMA ifuatilie mabadiliko yaliyofanywa, nani alifanya mabadiliko, na mabadiliko yalifanywa lini. ^[repo_track]
Git version control automatically tracks all required information:
1. What Changes Were Made:
  
  Full diff for every commit
  
  Line-by-line change tracking
  
  File additions, modifications, deletions recorded
2. Who Made the Changes:
  
  Author name and email on every commit
  
  Committer information preserved
  
  GitHub links commits to user profiles
3. When Changes Were Made:
  
  Timestamp on every commit
  
  Author date and commit date recorded
  
  Full chronological history
Example commit metadata:
commit 32e85d4
Author: Kalyan Amaresam <...>
Date: Fri Jan 30 23:22:15 2026 -0500
```
 docs: Add comprehensive codebase audit plan                                                                                                                         
```
Viewable via:
- git log (command line)
- GitHub web interface (commits page)
- git blame (per-line attribution)

URL: https://github.com/LatticeArc/latticearc/commits/main Repository on GitHub, which uses git. git can track the changes, who made them, and when they were made.
Criterion [repo_interim]
Umetimizwa

Haujatimizwa

?

Ili kuwezesha ukaguzi wa ushirikiano, hifadhi ya chanzo ya mradi LAZIMA ijumuishe matoleo ya kati kwa ukaguzi kati ya matoleo; HAIPASWA kujumuisha matoleo ya mwisho tu. ^{[repo_interim]}
Miradi YAWEZA kuchagua kuondoa matoleo maalum ya kati kutoka hifadhi zao za chanzo za umma (k.m., zile zinazorekebi udhaifu maalum usiokuwa wa umma, huenda zisitolewe hadharani, au zijumuishe nyenzo ambazo haziwezi kuwekwa kisheria na haziko katika toleo la mwisho).
The repository includes complete development history, not just releases:
1. All Commits Visible:
  
  Every individual commit is preserved
  
  Development work between releases is tracked
  
  52+ commits in last 30 days (not just release tags)
2. Interim Development:
  
  Feature branches for work-in-progress
  
  Individual commits for incremental changes
  
  Pull requests show proposed changes before merge
3. Release vs Development:
  
  v0.1.0 (Jan 29) → 20+ commits → v0.1.1 (Jan 30) → 10+ commits → v0.1.2 (Jan 30)
  
  All intermediate commits available for review
4. Example Interim Commits:
  
  "test(arc-core): Add comprehensive unified API tests"
  
  "ci: Pin Docker base image by hash"
  
  "docs: Clarify Apache vs Enterprise feature scope"
  
  These are development commits, not releases.
URL: https://github.com/LatticeArc/latticearc/commits/main
Criterion [repo_distributed]
Umetimizwa

Haujatimizwa

?

INASHAURIWA kwamba programu ya kawaida ya udhibiti wa toleo iliyosambazwa itumike (k.m., git) kwa hifadhi ya chanzo ya mradi. ^{[repo_distributed]}
Git haihitajiki kihususa na miradi inaweza kutumia programu ya udhibiti wa toleo iliyokusanyika (kama subversion) na sababu.
The project uses Git, the most widely-used distributed version control system:
1. Version Control: Git
  
  Distributed architecture
  
  Full history on every clone
  
  Offline commit capability
  
  Industry standard
2. Hosting: GitHub
  
  Built on Git
  
  Web interface for collaboration
  
  Pull request workflow
  
  Issue tracking integration
3. Benefits:
  
  Anyone can fork and contribute
  
  Full redundancy (every clone is a backup)
  
  Branching/merging workflow
  
  Wide tooling support
Git market share: ~95% of developers use Git (Stack Overflow surveys)

URL: https://github.com/LatticeArc/latticearc Repository on GitHub, which uses git. git is distributed.
Unambari wa toleo wa kipekee
Criterion [version_unique]
Umetimizwa

Haujatimizwa

?

Matokeo ya mradi LAZIMA yawe na kitambulisho cha kipekee cha toleo kwa kila toleo linalokusudiwa kutumiwa na watumiaji. ^{[version_unique]}
Hii YAWEZA kukidhi kwa njia mbalimbali ikiwa ni pamoja na vitambulisho vya kuwasilisha (kama kitambulisho cha kuwasilisha cha git au kitambulisho cha seti ya mabadiliko cha mercurial) au nambari ya toleo (ikiwa ni pamoja na nambari za toleo zinazotumia uainishaji wa maana au mipango ya tarehe kama YYYYMMDD).
The project uses Semantic Versioning (SemVer) with unique identifiers:
1. Version Format: MAJOR.MINOR.PATCH
  
  v0.1.0 - Initial release (Jan 29, 2026)
  
  v0.1.1 - Bug fixes (Jan 30, 2026)
  
  v0.1.2 - Dead code cleanup (Jan 30, 2026)
2. Version Sources:
  
  Cargo.toml: version = "0.1.2"
  
  Git tags for releases
  
  CHANGELOG.md documents each version
  
  crates.io publishes with version
3. Uniqueness Guaranteed:
  
  SemVer ensures no duplicate versions
  
  crates.io prevents version reuse
  
  Git tags are immutable
4. Workspace Version:
  
  Single version in [workspace.package]
  
  All crates share same version
  
  Consistent across entire project
URL:
- https://github.com/LatticeArc/latticearc/blob/main/CHANGELOG.md
- https://github.com/LatticeArc/latticearc/blob/main/Cargo.toml
Criterion [version_semver]
Umetimizwa

Haujatimizwa

?

INASHAURIWA kwamba muundo wa nambari ya toleo ya Semantic Versioning (SemVer) au Calendar Versioning (CalVer) itumike kwa matoleo. INASHAURIWA kwamba wale wanaotumia CalVer wajumuishe thamani ya kiwango cha mdogo. ^{[version_semver]}
Miradi kwa ujumla inapaswa kupendelea muundo wowote unaotarajiwa na watumiaji wao, k.m., kwa sababu ni muundo wa kawaida unaotumiwa na ikolojia yao. Ikolojia nyingi zinapendelea SemVer, na SemVer kwa ujumla hupendelewa kwa kiolesura cha programu ya programu (API) na zana za maendeleo ya programu (SDK). CalVer hutumiwa na miradi ambayo ni kubwa, ina idadi kubwa ya utegemezi ulioundwa kwa uhuru, ina upeo wa mara kwa mara unaobadilika, au ni ya muda muhimu. INASHAURIWA kwamba wale wanaotumia CalVer wajumuishe thamani ya kiwango cha mdogo, kwa sababu kujumuisha kiwango cha mdogo kunasaidia matawi yaliyotunzwa kwa wakati mmoja wakati wowote hilo linakuwa lazima. Miundo mingine ya nambari ya toleo inaweza kutumiwa kama nambari za toleo, ikiwa ni pamoja na vitambulisho vya kuwasilisha cha git au vitambulisho vya seti ya mabadiliko cha mercurial, mradi tu vikitambulisha matoleo kwa kipekee. Hata hivyo, baadhi ya mbadala (kama vitambulisho vya kuwasilisha cha git) vinaweza kusababisha matatizo kama vitambulisho vya toleo, kwa sababu watumiaji huenda wasiwe na uwezo wa kuamua kwa urahisi ikiwa wako na toleo la hivi karibuni. Muundo wa kitambulisho cha toleo unaweza kutokuwa wa maana kwa kutambulisha matoleo ya programu ikiwa wapokeaji wote wanaendesha toleo la hivi karibuni tu (k.m., ni msimbo wa tovuti moja au huduma ya mtandao ambayo inasasishwa mara kwa mara kupitia utoaji wa kuendelea).
Criterion [version_tags]
Umetimizwa

Haujatimizwa

?

INASHAURIWA kwamba miradi itambulishe kila toleo ndani ya mfumo wao wa udhibiti wa toleo. Kwa mfano, INASHAURIWA kwamba wale wanaotumia git watambulishe kila toleo kwa kutumia lebo za git. ^{[version_tags]}
The project uses git tags to identify releases:
1. Git Tags Used:
  
  v0.1.1 - "Fix hybrid signature verification and SecurityLevel docs"
2. Tag Format:
  
  Prefix: v
  
  SemVer version number
  
  Annotated with release description
3. Note:
  
  v0.1.0 and v0.1.2 tags should be added for completeness
  
  Tagging process should be part of release checklist
Tags viewable at:
- git tag -l (command line)
- GitHub Releases page

URL: https://github.com/LatticeArc/latticearc/tags

Recommendation: Add missing tags for consistency:
git tag -a v0.1.0 <commit-hash> -m "v0.1.0: Initial release"
git tag -a v0.1.2 <commit-hash> -m "v0.1.2: Dead code cleanup"
git push origin --tags
Maelezo ya kutolewa
Criterion [release_notes]
Umetimizwa

Haujatimizwa

Haihusiani

?

Mradi LAZIMA utoe, katika kila toleo, maelezo ya toleo ambayo ni muhtasari unaosomeka na binadamu wa mabadiliko makuu katika toleo hilo ili kuwasaidia watumiaji kuamua ikiwa wanapaswa kusasisha na athari ya kusasisha itakuwa nini. Maelezo ya toleo LAZIMA yasiwe matokeo ghafi ya kumbukumbu ya udhibiti wa toleo (k.m., matokeo ya amri ya "git log" si maelezo ya toleo). Miradi ambayo matokeo yake hayakusudiwa kutumika tena katika maeneo mengi (kama programu kwa tovuti moja au huduma) NA wanaotumia utoaji wa kuendelea WAWEZA kuchagua "N/A". (URL inahitajika) ^{[release_notes]}
Maelezo ya toleo YAWEZA kutekelezwa kwa njia mbalimbali. Miradi mingi hutoa katika faili inayoitwa "NEWS", "CHANGELOG", au "ChangeLog", kwa hiari na viendelezi kama ".txt", ".md", au ".html". Kihistoria neno "change log" lilimaanisha kumbukumbu ya kila mabadiliko, lakini ili kukidhi vigezo hivi kinachohitajika ni muhtasari unaosomeka na binadamu. Maelezo ya toleo YAWEZA badala yake kutolewa na taratibu za mfumo wa udhibiti wa toleo kama mtiririko wa Matoleo ya GitHub.
The project provides human-readable release notes in CHANGELOG.md:
1. Format: Keep a Changelog (https://keepachangelog.com/)
  
  Not raw git log output
  
  Organized by category: Added, Changed, Fixed, Removed
  
  Human-written summaries
2. Content for Each Release:
  
  Version number and date
  
  Summary of major changes
  
  Impact on users
  
  Migration notes when needed
3. Example (v0.1.2):
  
  [0.1.2] - 2026-01-30
  
  Removed
  
  Dead Code Cleanup: Removed ~11,500 lines of unreachable code
  
  Added
  
  Unified API Tests: Comprehensive test coverage
  
  Changed
  
  Documentation: Clarified Apache vs Enterprise scope
  
  Notes
  
  Explains what was removed and why
  
  No breaking changes for users
4. Helps Users Decide:
  
  Breaking changes highlighted
  
  Security fixes noted
  
  New features listed
  
  Deprecations documented
URL: https://github.com/LatticeArc/latticearc/blob/main/CHANGELOG.md
Criterion [release_notes_vulns]
Umetimizwa

Haujatimizwa

Haihusiani

?

Maelezo ya toleo LAZIMA yatambulishe kila udhaifu wa muda wa kutekeleza uliojulikana hadharani uliorekebishwa katika toleo hili ambao tayari ulikuwa na mgawanyo wa CVE au sawa wakati toleo lilipobuniwa. Kigezo hiki kinaweza kuwekwa alama kama haihusiki (N/A) ikiwa watumiaji kwa kawaida hawawezi kwa vitendo kusasisha programu wao wenyewe (k.m., kama inavyokuwa kweli mara nyingi kwa masasisho ya kernel). Kigezo hiki kinatumika tu kwa matokeo ya mradi, si kwa utegemezi wake. Ikiwa hakuna maelezo ya toleo au hakujawa na udhaifu uliojulikana hadharani, chagua N/A. ^{[release_notes_vulns]}
Kigezo hiki kinawasaidia watumiaji kuamua ikiwa sasisho fulani litarekebisha udhaifu ambao unajulikana hadharani, ili kuwasaidia watumiaji kufanya uamuzi wa habari kuhusu kusasisha. Ikiwa watumiaji kwa kawaida hawawezi kwa vitendo kusasisha programu wao wenyewe kwenye kompyuta zao, lakini badala yake lazima wategemee wapatanishi mmoja au zaidi kutekeleza sasisho (kama inavyokuwa mara nyingi kwa kernel na programu ya kiwango cha chini ambayo imefungwa na kernel), mradi unaweza kuchagua "haihusiki" (N/A) badala yake, kwani habari hii ya ziada haitakuwa ya msaada kwa watumiaji hao. Vivyo hivyo, mradi unaweza kuchagua N/A ikiwa wapokeaji wote wanaendesha toleo la hivi karibuni tu (k.m., ni msimbo wa tovuti moja au huduma ya mtandao ambayo inasasishwa mara kwa mara kupitia utoaji wa kuendelea). Kigezo hiki kinatumika tu kwa matokeo ya mradi, si kwa utegemezi wake. Kuorodhesha udhaifu wa utegemezi wote wa mpito wa mradi unakuwa mgumu kadiri utegemezi unavyoongezeka na kutofautiana, na haihitajiki kwani zana zinazochunguza na kufuatilia utegemezi zinaweza kufanya hivi kwa njia inayopanuka.
Not applicable - No publicly known vulnerabilities:
1. Project Status:
  
  Pre-1.0 software (v0.1.2)
  
  Initial release: January 29, 2026
  
  No CVEs have been filed against LatticeArc
2. No Vulnerabilities to Report:
  
  No CVE assignments for this project
  
  No security advisories issued
  
  No known run-time vulnerabilities
3. Future Commitment:
  
  SECURITY.md documents vulnerability reporting process
  
  CHANGELOG.md will document CVE fixes when applicable
  
  Security fixes will be categorized under "### Security" section
4. Verification:
  
  No entries in NVD for "latticearc"
  
  No GitHub Security Advisories for this repo
URL: https://github.com/LatticeArc/latticearc/blob/main/SECURITY.md

Data hii inapatikana chini ya Community Data License Agreement – Permissive, Version 2.0 (CDLA-Permissive-2.0). Hii inamaanisha kuwa Mpokeaji wa Data anaweza kushiriki Data, na au bila marekebisho, mradi Mpokeaji wa Data anapatanisha maandishi ya mkataba huu na Data iliyoshirikiwa. Tafadhali tambua LatticeArc-Founder na wachangiaji wa nishani ya Mazoea Bora ya OpenSSF.

latticearc

Misingi 13/13 ●

Jumla

Maudhui ya kimsingi ya tovuti ya mradi

Leseni ya FLOSS

Nyaraka

Mengine

Udhibiti wa Mabadiliko 9/9 ●

Hifadhi ya chanzo ya kudhibiti toleo ya hadharani

Unambari wa toleo wa kipekee

Maelezo ya kutolewa

[0.1.2] - 2026-01-30

Removed

Added

Changed

Notes

Kuripoti 8/8 ●

Mchakato wa kuripoti hitilafu

Mchakato wa kuripoti udhaifu

Ubora 13/13 ●

Mfumo wa ujenzi unaofanya kazi

Seti ya majaribio otomatiki

Upimaji wa utendaji mpya

Bendera za maonyo

Usalama 16/16 ●

Maarifa ya maendeleo yenye usalama

Tumia mazoea mazuri ya msingi ya usimbuaji

Utoaji salama dhidi ya mashambulizi ya mtu-katikati (MITM)

Udhaifu uliofahamika hadharani umeshughulikiwa

Masuala mengine ya usalama

Uchanganuzi 8/8 ●

Uchambuzi tuli wa msimbo

Uchambuzi wa msimbo wa nguvu za ziada