遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/8054)
<a href="https://www.bestpractices.dev/projects/8054"><img src="https://www.bestpractices.dev/projects/8054/badge"></a>
A full-featured implementation of the Network Time Protocol, including NTS support.
Our contribution guide can be found in CONTRIBUTING.md file: https://github.com/pendulum-project/ntpd-rs/blob/main/CONTRIBUTING.md
https://github.com/pendulum-project/ntpd-rs/blob/main/CODE_OF_CONDUCT.md
We have multiple long-term contributors with full admin rights, see: https://github.com/pendulum-project/ntpd-rs/graphs/contributors
We have multiple long-term contributors, see: https://github.com/pendulum-project/ntpd-rs/graphs/contributors
https://docs.ntpd-rs.pendulum-project.org/guide/security-guidance/ https://docs.ntpd-rs.pendulum-project.org/development/threat-model/
https://docs.ntpd-rs.pendulum-project.org/guide/getting-started/
https://github.com/pendulum-project/ntpd-rs/blob/main/.github/review-template.md
See the badges in our readme: https://github.com/pendulum-project/ntpd-rs
We explain any breaking changes to help upgrades in our changelogs on our releases page: https://github.com/pendulum-project/ntpd-rs/releases
https://github.com/pendulum-project/ntpd-rs/issues
We give credit to reporters in our security reports: https://github.com/pendulum-project/ntpd-rs/security
We enforce rustfmt and clippy compliance according to our contributor guide: https://github.com/pendulum-project/ntpd-rs/blob/main/CONTRIBUTING.md
We enforce rustfmt and clippy compliance in our continuous integration pipeline: https://github.com/pendulum-project/ntpd-rs/blob/main/.github/workflows/checks.yaml
We run a standard Rust with Cargo compiler pipeline, see: https://github.com/pendulum-project/ntpd-rs/blob/main/Cargo.toml
No recursive build system is used
We provide standard packages for several common Linux distributions, see our releases page: https://github.com/pendulum-project/ntpd-rs/releases
We run a standard Rust with Cargo compiler pipeline, see: https://github.com/pendulum-project/ntpd-rs/blob/main/Cargo.lock
Dependabot is used to update dependencies
Rust provides an easy way to do this using cargo.
Clippy and cargo-deny check this for us automatically.
Our CI workflow does this automatically.
Our code coverage can be seen at https://app.codecov.io/gh/pendulum-project/ntpd-rs
https://github.com/pendulum-project/ntpd-rs/blob/main/CONTRIBUTING.md
We do not allow any warnings with either the rust compiler or clippy.
We have a threat model in which we document our risks: https://docs.ntpd-rs.pendulum-project.org/development/threat-model/
We use the default known secure configuration for our TLS library, these are currently understood to be secure.
All key material is stored separately from the main configuration files, and is configurable.
We use the OS default root certificates to validate the TLS certificate by default.
We do not send HTTP traffic
Our NTP packet parser is as strict as possible.
Clippy, rustfmt and cargo-audit are used by the project
Project written in Rust
后退