COMPLIANCE.md

Compliance

ArduPilot Methodic Configurator adheres to multiple compliance standards and best practices:

Usability

• Wizard like interface, allows user to concentrate in one task at a time
• All GUI elements contain mouse over tooltips explaining their function
• Relevant documentation opens automatically in a browser window
• Uses What you see is what gets changed paradigm. No parameters are changed without the users's knowledge
• Translated into multiple languages
• No visible menus, no hidden menus
• Keyboard-only navigation possible

Coding Standards

• Follows object-oriented design principles and clean code practices
  • Backend, business logic, frontend (GUI) separation for improved testability and maintainability
• Follows PEP 8 Python code style guidelines
• Uses PEP 484 type hints
  • Enforces type checking with MyPy and pyright type checkers
• Automated code formatting using ruff for consistency
• Implements PEP 621 project metadata standards
• Adheres to Keep a Changelog format
• Complies with Python Packaging Authority guidelines

Code Quality

• Maintains high code quality through automated linting (static code analysis), all using strict settings:
  • Pylint automated workflow,
  • Ruff automated workflow,
  • mypy automated workflow and
  • pyright automated workflow
• Implements comprehensive error handling and logging, with 5 verbosity levels
• Code and documentation are spell checked and english grammar checked
  • markdown-lint automated workflow and
  • markdown-link-check automated workflow

Software Development

• Implements continuous integration/continuous deployment (CI/CD) practices
• Maintains comprehensive assertion-based test coverage through pytest
• Follows Conventional Commits and uses semantic versioning for releases
• Follows git-flow branching model
• Implements git pre-commit hooks to ensure code quality and compliance on every commit
• Uses containerized CI/CD environments for consistency
• Uses automated changelog generation
• Implements reproducible builds with pinned software dependencies
• Implements automated dependency updates and security patches using renovate and dependabot

Open Source

• Complies with OpenSSF Best Practices for open source projects
• Uses REUSE specification for license compliance
  • Uses CI job to ensure compliance
  • Uses SPDX license identifiers
• Maintains comprehensive (more than 5000 lines) documentation
• Implements inclusive community guidelines
• Provides clear contribution procedures

Security

See our comprehensive Security Policy for details on security measures, audits, and vulnerability reporting processes.

<script async src="https://widget.gurubase.io/widget.latest.min.js" data-widget-id="uE4kxEE4LY3ZSyfNsF5bU6gIOnWGTBOL_e16KwDH-0g" data-text="Ask AI" data-margins='{"bottom": "1rem", "right": "1rem"}' data-light-mode="true" id="guru-widget-id"> </script>