遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/7986)
<a href="https://www.bestpractices.dev/projects/7986"><img src="https://www.bestpractices.dev/projects/7986/badge"></a>
Dayendar for advanced day calendar operations
The requirements for contributions are clearly stated in the documents CONTRIBUTING.md and README.md: https://github.com/racherb/dayendar/blob/HEAD/CONTRIBUTING.md
Issue Tracker through GitHub
The Rust project follows a policy of being as strict as possible with warnings and bugs. We use the rustc compiler and Clippy linting tool with strict settings to detect and correct problems in the early stages of development. In addition, our continuous integration (CI) ensures that any new code meets these strict standards. Our policy and practices regarding warnings are clearly documented in our CONTRIBUTING.md file.
For Rust projects, while the language's design inherently mitigates many common vulnerabilities, we can still employ tools that further scrutinize the codebase for potential issues: Clippy: Beyond linting for code quality, some of Clippy's lints can indirectly identify code patterns that might lead to vulnerabilities, especially when they deviate from Rust's idiomatic practices. Cargo-audit: Directly addresses the criterion's suggestion. It scans the project's dependencies for known security vulnerabilities, ensuring that the software doesn't inadvertently include libraries with recognized vulnerabilities. By integrating both Clippy and Cargo-audit into the development workflow, we not only uphold Rust's safety principles but also actively scan for common vulnerabilities, aligning with the requirement's intent.
In our project we use the Rust programming language which is characterised by memory safety, however, we apply fuzzing techniques through "cargo fuzz".
后退