Conversation
…tional paths
Bestpractices.dev autofill audit follow-up (board comment 0988aa47 on RAN-54).
The board re-listed four MUST/SHOULD criteria still flagged on the project
page despite `_status: Met` in our JSON. Root cause: the autofill bot
detects evidence by *conventional path*, not by the _url field — and our
URLs pointed at non-conventional locations (docs/README.md as an index,
shared/runbooks/engineering-standards.md as the contribution doc, /issues
for report_process). Sibling otelcontext (the closest single-product MIT
analog) uses the conventional pattern and the autofill flips them all to
Met automatically.
Added:
- CONTRIBUTING.md Conventional path the autofill bot detects.
§Reporting (Issues + SECURITY.md), §Development workflow
(Conventional Commits, signed commits, auto-merge),
§What every PR must pass (8-row CI gate matrix with
local commands), §Coding standards (delegates the full
bar to shared/runbooks/engineering-standards.md).
Retargeted in .bestpractices.json (status was already Met for all four):
- contribution_url engineering-standards.md -> CONTRIBUTING.md
- contribution_requirements_url engineering-standards.md -> CONTRIBUTING.md
- documentation_basics_url docs/README.md (index) -> README.md (the docs)
- report_process_url /issues -> SECURITY.md (matches the
otelcontext recipe; SECURITY.md links to
/issues for non-security bugs and is the
conventional location autofill detects)
- release_notes_url unchanged (CHANGELOG.md is the right answer
— no tagged releases yet, no /releases
endpoint to point at)
Justifications refreshed to cite the new URL targets without changing the
factual claim.
After this lands the autofill rescan should flip the four flagged criteria
to Met on bestpractices.dev. Per the Bestpractices board-approval gate
RAN-54 stays in_review — board flips the badge to passing and posts
@techlead approved.
Verified locally: JSON parses (152 top-level keys, 67 _status keys, 0
remaining `?`), no script changes (Test-SnipIT.ps1 84/84 unaffected,
PSScriptAnalyzer 0 errors unaffected).
Co-Authored-By: Paperclip <noreply@paperclip.ing>
6 tasks
aksOps
added a commit
that referenced
this pull request
Apr 26, 2026
…ersioning evidence (#8) CHANGELOG.md - [Unreleased] → [v0.1.0] - 2026-04-26 with full Added / Changed / Fixed / Security subsections covering PR #1 (RAN-54 baseline + Scorecard hardening), PR #3 (RAN-59 canonical-schema rewrite), PRs #4/#5 (RAN-64 CHANGELOG + docs/ index), PR #6 (5 SUGGESTED criteria flips), PR #7 (CONTRIBUTING.md + conventional-URL retargets). - Fresh empty [Unreleased] section opened at top per Keep-a-Changelog 1.1.0. - Link refs now point at compare/v0.1.0...HEAD and releases/tag/v0.1.0. .bestpractices.json - version_unique_url + release_notes_vulns_url added (both pointing at the v0.1.0 GitHub Release) so the bestpractices.dev autofill bot has a concrete URL to verify alongside _status: Met. - 5 versioning justifications refreshed to cite the concrete v0.1.0 tag instead of forward-looking commitments: version_unique, version_semver, version_tags, release_notes, release_notes_vulns. These are the criteria the autofill bot verifies by checking actual GitHub Releases / git tags exist. Once the v0.1.0 signed tag + GitHub Release land post-merge, autofill should flip release_notes to Met (currently Unmet pending evidence) and the 4 SUGGESTED versioning criteria stay Met with concrete tag-backed URLs. Co-authored-by: Paperclip <noreply@paperclip.ing>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bestpractices.dev autofill audit follow-up (board comment
0988aa47on RAN-54). The board re-listed four MUST/SHOULD criteria still flagged on the project page despite_status: Metin our JSON.Root cause: the bestpractices.dev autofill bot detects evidence by conventional path, not by the
_urlfield. Our URLs pointed at non-conventional locations. Sibling otelcontext (the closest single-product MIT analog) uses the conventional pattern and the autofill flips them all to Met automatically.Changes
Added
CONTRIBUTING.mdat repo root — conventional path the autofill bot detects. §Reporting (Issues + SECURITY.md), §Development workflow (Conventional Commits, signed commits, auto-merge), §What every PR must pass (8-row CI gate matrix with local commands), §Coding standards (delegates the full bar toshared/runbooks/engineering-standards.md).Retargeted in
.bestpractices.json(status was alreadyMetfor all four — only URLs and justifications changed)_url_urlcontributioncontribution_requirementsdocumentation_basicsreport_processrelease_notes/releasesto point at; CHANGELOG.md is the right answer per criterion text)Justifications refreshed to cite the new URL targets without changing the factual claim.
Verified locally
_statuskeys, 0 remaining?)Test-SnipIT.ps184/84 unaffected, PSScriptAnalyzer 0 errors unaffected.Post-merge
in_reviewuntil the board flips the badge topassingand posts@TechLead approved.Test plan
🤖 Generated with Claude Code