-
+
@@ -34,7 +34,7 @@ We support both our original "metal" badge criteria and the
OpenSSF Baseline criteria.
See the
-*[OpenSSF Best Practices badge website](https://bestpractices.coreinfrastructure.org/)* if you want to try to actually get a badge.
+*[OpenSSF Best Practices badge website](https://www.bestpractices.dev/)* if you want to try to actually get a badge.
This is the development site for the criteria and badge application
software that runs the website.
@@ -55,8 +55,8 @@ the CII Best Practices badge.
Interesting pages include:
-* Badging **[Criteria for the passing level](https://bestpractices.coreinfrastructure.org/criteria/0)**
-* **[Criteria for all badging levels](https://bestpractices.coreinfrastructure.org/criteria)**
+* Badging **[Criteria for the passing level](https://www.bestpractices.dev/criteria/0)**
+* **[Criteria for all badging levels](https://www.bestpractices.dev/criteria)**
* Information on how to **[contribute](./CONTRIBUTING.md)**
* Information on **[our own security, including how to report vulnerabilities in our badge application](./SECURITY.md)**
* [Up-for-grabs](https://github.com/ossf/best-practices-badge/labels/up-for-grabs)
diff --git a/best_practices.openapi.yaml b/best_practices.openapi.yaml
index 10f40abfe..eb1e62d13 100644
--- a/best_practices.openapi.yaml
+++ b/best_practices.openapi.yaml
@@ -4,7 +4,7 @@ info:
description: RESTful API for OpenSSF Best Practices badge website
version: 1.0.0
servers:
- - url: https://bestpractices.coreinfrastructure.org
+ - url: https://www.bestpractices.dev
description: Main site
paths:
/{locale}/projects/{id}/{level}.{format}:
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 17cf223ef..2fed3ba3d 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -445,8 +445,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/assurance-case.md b/docs/assurance-case.md
index 6a4636739..f3c36f9ac 100644
--- a/docs/assurance-case.md
+++ b/docs/assurance-case.md
@@ -3508,7 +3508,7 @@ This is evidence that the BadgeApp application is
applying practices expected in a well-run FLOSS project.
You can see the
-[CII Best Practices Badge entry for the BadgeApp](https://bestpractices.coreinfrastructure.org/en/projects/1/0).
+[CII Best Practices Badge entry for the BadgeApp](https://www.bestpractices.dev/en/projects/1/0).
Note that we achieve a gold badge.
### Organizational Controls
@@ -3840,8 +3840,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/background.md b/docs/background.md
index 06b37dc6f..04dbe58ae 100644
--- a/docs/background.md
+++ b/docs/background.md
@@ -1761,8 +1761,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/best_practices.py b/docs/best_practices.py
index dbe523a47..00b27ccfe 100644
--- a/docs/best_practices.py
+++ b/docs/best_practices.py
@@ -1,5 +1,5 @@
#!/usr/bin/python3
-# Download JSON data from bestpractices.coreinfrastructure.org and analyze it.
+# Download JSON data from www.bestpractices.dev and analyze it.
# Since the JSON data is paged, we simply download each page in turn.
# This is written to be simple code; it loads the entire dataset into memory.
@@ -19,7 +19,7 @@
cached_filename = 'projects.json'
# This is the base URL for project data.
-base_url = 'https://bestpractices.coreinfrastructure.org/' + cached_filename
+base_url = 'https://www.bestpractices.dev/' + cached_filename
# Retrieve paged JSON data
def retrieve_data():
diff --git a/docs/case.ltac b/docs/case.ltac
index 4bddbabe2..de1c0f9a3 100644
--- a/docs/case.ltac
+++ b/docs/case.ltac
@@ -121,7 +121,7 @@
- Claim Controls: Certifications & controls provide confidence in operating results
- Claim CIIBadge: CII Best Practices Badge certification is obtained
- - Evidence CIIBadgeEv: BadgeApp achieves gold CII Best Practices Badge (https://bestpractices.coreinfrastructure.org/en/projects/1)
+ - Evidence CIIBadgeEv: BadgeApp achieves gold CII Best Practices Badge (https://www.bestpractices.dev/en/projects/1)
- Claim OWASPClaim: All of the most common important implementation vulnerability types (weaknesses) countered
- Strategy OWASPStrat: OWASP top 10 represents a broad consensus of the most critical web application security flaws
diff --git a/docs/case.md b/docs/case.md
index 659bef06e..f15b25906 100644
--- a/docs/case.md
+++ b/docs/case.md
@@ -6849,7 +6849,7 @@ This is evidence that the BadgeApp application is
applying practices expected in a well-run FLOSS project.
You can see the
-[CII Best Practices Badge entry for the BadgeApp](https://bestpractices.coreinfrastructure.org/en/projects/1/0).
+[CII Best Practices Badge entry for the BadgeApp](https://www.bestpractices.dev/en/projects/1/0).
Note that we achieve a gold badge.
@@ -6861,10 +6861,10 @@ Referenced by: **[Package Controls](#package-controls)**
Supports: **[Claim CIIBadge](#claim-ciibadge)**
-External Reference: [https://bestpractices.coreinfrastructure.org/en/projects/1](https://bestpractices.coreinfrastructure.org/en/projects/1)
+External Reference: [https://www.bestpractices.dev/en/projects/1](https://www.bestpractices.dev/en/projects/1)
-BadgeApp achieves gold CII Best Practices Badge. See [https://bestpractices.coreinfrastructure.org/en/projects/1](https://bestpractices.coreinfrastructure.org/en/projects/1).
+BadgeApp achieves gold CII Best Practices Badge. See [https://www.bestpractices.dev/en/projects/1](https://www.bestpractices.dev/en/projects/1).
### Organizational Controls
@@ -7195,8 +7195,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/criteria-footer.markdown b/docs/criteria-footer.markdown
index eca86c016..f2f2f38de 100644
--- a/docs/criteria-footer.markdown
+++ b/docs/criteria-footer.markdown
@@ -128,8 +128,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/criteria-header.markdown b/docs/criteria-header.markdown
index 75ced7a3e..9b64474ae 100644
--- a/docs/criteria-header.markdown
+++ b/docs/criteria-header.markdown
@@ -11,11 +11,11 @@
We've recently moved the criteria information to the active website!
There you can see the
-passing
+passing
criteria,
-all
+all
criteria, and the
-criteria discussion.
+criteria discussion.
This change makes it easier to see the real criteria in any language,
as well as hide or reveal the details and rationale.
diff --git a/docs/criteria.md b/docs/criteria.md
index 7d5282b51..1db8b36c9 100644
--- a/docs/criteria.md
+++ b/docs/criteria.md
@@ -11,11 +11,11 @@
We've recently moved the criteria information to the active website!
There you can see the
-passing
+passing
criteria,
-all
+all
criteria, and the
-criteria discussion.
+criteria discussion.
This change makes it easier to see the real criteria in any language,
as well as hide or reveal the details and rationale.
@@ -596,8 +596,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/design.md b/docs/design.md
index 0c7fd5ab8..54a403294 100644
--- a/docs/design.md
+++ b/docs/design.md
@@ -494,8 +494,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/governance.md b/docs/governance.md
index 53d7a07ed..35e359c2c 100644
--- a/docs/governance.md
+++ b/docs/governance.md
@@ -306,8 +306,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/implementation.md b/docs/implementation.md
index 5e11e304b..fd226c751 100644
--- a/docs/implementation.md
+++ b/docs/implementation.md
@@ -482,12 +482,12 @@ See [security.md](./security.md) for more information.
Users indicate the locale via the URL.
The recommended form is at the beginning of that path, e.g.,
-
+
selects the locale "fr" (French) when displaying "/projects".
This even works at the top page, e.g.,
-.
+.
It also supports the locale as a query parameter, e.g.,
-
+
### Fixing locale data
@@ -1407,7 +1407,7 @@ these keys from anywhere else:
## Project stats omission on 2017-02-28
The production site maintains a number of daily statistics and can
-[display the statistics graphically](https://bestpractices.coreinfrastructure.org/project_stats), but it is
+[display the statistics graphically](https://www.bestpractices.dev/project_stats), but it is
missing a report for 2017-02-28.
This was due to a multi-hour downtime in
Amazon’s S3 web-based storage service, part of
@@ -1595,8 +1595,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/other.md b/docs/other.md
index 513157d8f..436cd5586 100644
--- a/docs/other.md
+++ b/docs/other.md
@@ -7,11 +7,11 @@
We've recently moved the criteria information to the active website!
There you can see the
-passing
+passing
criteria,
-all
+all
criteria, and the
-criteria discussion.
+criteria discussion.
This change makes it easier to see the real criteria in any language,
as well as hide or reveal the details and rationale.
@@ -1703,8 +1703,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/requirements.md b/docs/requirements.md
index 8b3a8a4a7..091e958fe 100644
--- a/docs/requirements.md
+++ b/docs/requirements.md
@@ -140,8 +140,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/roadmap.md b/docs/roadmap.md
index 8085151aa..89e4b403a 100644
--- a/docs/roadmap.md
+++ b/docs/roadmap.md
@@ -65,8 +65,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/scorecard-map.md b/docs/scorecard-map.md
index b130cbd8e..ba73e9ea4 100644
--- a/docs/scorecard-map.md
+++ b/docs/scorecard-map.md
@@ -3,10 +3,10 @@
This is a map from the
[OpenSSF Scorecard checks](https://github.com/ossf/scorecard/blob/main/docs/checks.md)
to the
-[OpenSSF Best Practices badge criteria](https://bestpractices.coreinfrastructure.org/en/criteria?details=true).
+[OpenSSF Best Practices badge criteria](https://www.bestpractices.dev/en/criteria?details=true).
Scorecard has 19 checks.
-[The OpenSSF best practices criteria statistics](https://bestpractices.coreinfrastructure.org/en/criteria_stats)
+[The OpenSSF best practices criteria statistics](https://www.bestpractices.dev/en/criteria_stats)
has 67 criteria for passing, 48 new criteria for silver, and 14 new criteria
for gold; adding 1 for the existence of the badge leaves 130 total criteria.
Looking at the Scorecard checks, in sum:
@@ -54,7 +54,7 @@ This maps to the OpenSSF best practices badge `test_continuous_integration`:
## CII-Best-Practices
-> This check determines whether the project has earned an [OpenSSF (formerly CII) Best Practices Badge](https://bestpractices.coreinfrastructure.org/) at the passing, silver, or gold level.
+> This check determines whether the project has earned an [OpenSSF (formerly CII) Best Practices Badge](https://www.bestpractices.dev/) at the passing, silver, or gold level.
>
> The OpenSSF Best Practices badge indicates whether or not that the project uses a set of security-focused best development practices for open
source software. The check uses the URL for the Git repo and the OpenSSF Best Practices badge API.
diff --git a/docs/testing.md b/docs/testing.md
index 4753bb7d9..8d36274b1 100644
--- a/docs/testing.md
+++ b/docs/testing.md
@@ -341,8 +341,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/docs/vetting.md b/docs/vetting.md
index 3afb94e92..92c6d583a 100644
--- a/docs/vetting.md
+++ b/docs/vetting.md
@@ -115,8 +115,8 @@ Project participation and interface:
Criteria:
-* [Criteria for passing badge](https://bestpractices.coreinfrastructure.org/criteria/0)
-* [Criteria for all badge levels](https://bestpractices.coreinfrastructure.org/criteria)
+* [Criteria for passing badge](https://www.bestpractices.dev/criteria/0)
+* [Criteria for all badge levels](https://www.bestpractices.dev/criteria)
Development processes and security:
diff --git a/lib/tasks/default.rake b/lib/tasks/default.rake
index df919fe09..368bfc8f1 100644
--- a/lib/tasks/default.rake
+++ b/lib/tasks/default.rake
@@ -290,7 +290,7 @@ desc 'Load current self.json'
task :load_self_json do
require 'json'
require 'open-uri'
- url = 'https://master.bestpractices.coreinfrastructure.org/projects/1.json'
+ url = 'https://staging.bestpractices.dev/projects/1.json'
contents = URI.parse(url).open.read
pretty_contents = JSON.pretty_generate(JSON.parse(contents))
File.write('docs/self.json', pretty_contents)
@@ -452,7 +452,7 @@ namespace :fastly do
desc 'Test Fastly Caching'
task :test, [:site_name] do |_t, args|
- args.with_defaults site_name: 'https://master.bestpractices.coreinfrastructure.org/projects/1/badge'
+ args.with_defaults site_name: 'https://staging.bestpractices.dev/projects/1/badge'
puts 'Starting test of Fastly caching'
verbose(false) do
sh "script/fastly_test #{args.site_name}"
@@ -592,6 +592,15 @@ def normalize_string(value, locale)
value = value.gsub('github.com/coreinfrastructure/best-practices-badge',
'github.com/ossf/best-practices-badge')
+ # Forcibly substitute the old production domain with the current one.
+ # Our site moved from bestpractices.coreinfrastructure.org to
+ # www.bestpractices.dev (we use the www. host, not the bare domain,
+ # because bare DNS domains complicate our Fastly CDN setup). Like the
+ # GitHub-org rewrite above, this catches stale references that arrive
+ # via translation.io so we don't have to hand-edit translated strings.
+ value = value.gsub('bestpractices.coreinfrastructure.org',
+ 'www.bestpractices.dev')
+
return value if value.exclude?('<')
# Google Translate generates html text that has predictable errors.
diff --git a/script/fastly_test b/script/fastly_test
index 8e3fe9af5..ebe1ae26d 100755
--- a/script/fastly_test
+++ b/script/fastly_test
@@ -1,6 +1,6 @@
#!/bin/sh
-site_name=${1:-https://master.bestpractices.coreinfrastructure.org/projects/1/badge}
+site_name=${1:-https://staging.bestpractices.dev/projects/1/badge}
echo "Purging Fastly cache of badge for ${site_name}"
curl -X PURGE "$site_name" || exit 1
echo
|