遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/4514)
<a href="https://www.bestpractices.dev/projects/4514"><img src="https://www.bestpractices.dev/projects/4514/badge"></a>
A client SDK for the Data Attribute Recommendation service on SAP Cloud Platform. Part of SAP AI Business Services.
Added in https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/master/CONTRIBUTING.md
Project uses DCO. See https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/master/CONTRIBUTING.md
Several people have access to the repository and can manage issue. Release process is automated and can be triggered by people with write access to repo: https://data-attribute-recommendation-python-sdk.readthedocs.io/en/latest/release_process.html
Credentials are stored in safe location and relevant SAP colleagues have access.
Getting Started: https://data-attribute-recommendation-python-sdk.readthedocs.io/en/latest/index.html#getting-started
Badge will be there after PR is merged:
https://github.com/SAP/data-attribute-recommendation-python-sdk
Project is an SDK and not intended to be used by end-users. No text sorting is implemented.
Project websites does not store passwords for authentication of external users. Encryption is handled by Github and other providers such as Coveralls, Readthedocs etc.
Instructions in CHANGELOG.md: https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/master/CHANGELOG.md
Typically, we will provide an upgrade path and not maintain older versions.
https://github.com/SAP/data-attribute-recommendation-python-sdk/issues
No vulnerabilities resolved in the last 12 months.
Black code style: https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/master/CONTRIBUTING.md
Black code style via pre-commit and Travis.
No native binaries generated.
No debugging information In Python files which could be preserved.
There are no cross-dependencies in the subdirectories.
Scripted language.
Using Python's setup.py and setuptools.
Using "pip install -e", using Python's setup.py and setuptools.
In setup.py: https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/f3883f2b56efefb704b0af58811261b4cb6d9b87/setup.py#L30
Policy explained in https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/master/CONTRIBUTING.md
Default warnings are turned on and turned off where not sensible. Pre-commit prevents commits with warnings. This is enforced by Travis, the CI tool.
The project does not by itself configure or use cryptography; in particular, the project is not configuring key lengths.
This handled by the requests package, which internally decides which SSL stack to use. See e.g. the changelog entry for 2.24.0, which references how requests chooses the SSL implementation:
https://requests.readthedocs.io/en/latest/community/updates/#id2
The project offers a security guide, which in particular advises and describes how to update the entire environment to get the latest security fixes: https://data-attribute-recommendation-python-sdk.readthedocs.io/en/latest/security.html#keep-the-environment-up-to-date
By following these instructions regularly, the latest and most secure version of the requests dependency will be available.
Yes, the bandit tool: https://github.com/SAP/data-attribute-recommendation-python-sdk/blob/master/.pre-commit-config.yaml Also, the project uses the CodeQL tool provided by Github: https://github.com/SAP/data-attribute-recommendation-python-sdk/actions?query=workflow%3ACodeQL
Project implemented in Python.
后退