遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/66)
<a href="https://www.bestpractices.dev/projects/66"><img src="https://www.bestpractices.dev/projects/66/badge"></a>
BRL-CAD is an open source solid modeling system with interactive 3D geometry editing, high-performance ray tracing for rendering, hybrid representation geometry conversion, and processing for geometric analysis.
BRL-CAD uses both centralized and decentralized development, intentionally using centralized (SVN on Sourceforge) for primary development where we have strict validation and verification (V&V) requirements and a desire for enforced developer interaction inherent with the centralized model. We used decentralized (GIT on GitHub) for all our other work including website infrastructure, model management, and experimental projects.
Reproducible builds are not currently supported as timestamps are intentionally embedded into all libraries and (by extension) all binaries.
https://svn.code.sf.net/p/brlcad/code/brlcad/trunk/CTestConfig.cmake make test make regress make benchmark
BuildBot is used for CI. The "distcheck-full" target in BRL-CAD's build system are run on BRL-CAD's central (SVN) code repository.
警告:需要URL,但找不到URL。
There is un unencrypted network communication with an encrypted equivalent.
There is no SSL / TLS communication in BRL-CAD.
SourceForge supports X-Content-Type-Options nosniff. GitHub supports multiple. Project website and download site support none.
BRL-CAD extensively uses compiler flags (including -fstack-protector) and static analysis tools (Coverity) to minimize or eliminate undefined behavior. BRL-CAD has extensive testing strategies in place to detect security issues and unexpected behavior.
Dynamic analysis is not currently part of BRL-CAD's release repertoire, but several tools are used periodically and have been used in the past including gcov, valgrind, dmalloc, and purify.
后退