遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/6554)
<a href="https://www.bestpractices.dev/projects/6554"><img src="https://www.bestpractices.dev/projects/6554/badge"></a>
🧬 The data structure for unstructured multimodal data · Neural Search · Vector Search · Document Store
https://github.com/jina-ai/docarray/blob/main/CONTRIBUTING.md#code-style-conventions
Example of DCO beeing check on every PR : https://github.com/docarray/docarray/runs/14791431312
https://github.com/docarray/docarray/blob/main/GOVERNANCE.md
https://github.com/docarray/docarray/blob/main/CODE_OF_CONDUCT.md
Several ( 4 people) have full admin access to all parts of the project. Knowledge and vision are shared between all of them if one of them dies the other will take over.
We have 3 main maintainers. Actively contributing and knowing the codebase:
https://github.com/docarray/docarray/issues/1714
https://docs.docarray.org/user_guide/intro/
https://github.com/docarray/docarray/blob/main/SECURITY.md
We test the documentation code snippet on every commit as part of our CI : https://github.com/docarray/docarray/tree/main/tests/documentation
Github badge on the readme: https://github.com/docarray/docarray
Using sota documentation and code hosting tool
library which does not produce content
Authentification is managed by github and therefore no password is stored
https://docs.docarray.org/migration_guide/
https://github.com/jina-ai/docarray/issues
there has been no vulnerabilities resolved in the last 12 months
https://github.com/docarray/docarray/blob/main/CONTRIBUTING.md#-code-style-conventions
https://github.com/docarray/docarray/blob/f6ce2833886468e03b8eafec222be7cef3fe62e2/.github/workflows/ci.yml#L309
we can only merge a PR if the formatting tool (namely black and ruff) are passing.
Python package without compiling
Python lib
Using pip and poetry for install
Poetry is managing the dependency and test can be run out of the box after the installation following the contributing guidelines https://github.com/docarray/docarray/blob/main/CONTRIBUTING.md#-testing-docarray-locally-and-on-ci
https://github.com/docarray/docarray/blob/f6ce2833886468e03b8eafec222be7cef3fe62e2/pyproject.toml#L36
Using poetry with a pyproject.toml to achieve this
We have github bot that do this for us and report to us in case of vulnerability
pyproject.toml
Mostly using FLOSS software as a dependency. If we are providing a feature via an closed source API we makes sure that we have a way to provide the same with an open source software ( Example push data to s3 can be done as well using
ci + github action on each PR + commit
we require test to be added on each PR both for bug fix and features to be able to detect breaking changes.
https://app.codecov.io/gh/docarray/docarray 86 % so far
https://github.com/docarray/docarray/blob/main/CONTRIBUTING.md#test-policy
https://github.com/docarray/docarray/blob/main/CONTRIBUTING.md#test-policy https://github.com/docarray/docarray/blob/main/CONTRIBUTING.md#contributing-to-docarray
We add as much warning as we can when necessary. Example each call to a tool that is not install will create a warning explaining how to fix the problem.
This is met by following strict guideline and code review
the software release is done via https://pypi.org/project/docarray/
not applicable because we work at a higher level than this. This is handle by dependency of us.
not applicable because we work at a higher level than this. This is handled by our dependencies.
ruff is doing this
python
后退