-
Notifications
You must be signed in to change notification settings - Fork 115
Open
Description
| "proprietary-explanation": "This app is not developed in the open, so only its developers know how it works. It may be insecure in ways that are hard to detect, and it may change without oversight.", |
| "community-built-explanation": "This app is developed in the open by an international community, and released under the <bold>{ license }</bold>.", |
| "auditable-code-description": "The source code is public and can be independently audited, which makes the app more likely to be safe", |
Above 3 come from licence, which only tells us whether the licence is open source or not open source. We should not extrapolate too much from the licence and make soft claims about safety, international community etc.
Also the labels get applied to non-app things too so the "app" part should be dropped.
I'm thinking something along the lines of (in order):
- "The source code is not public, so it cannot be independently audited or verified."
- "The source code is public, and it is released under XXX."
- "The source code is public, so it can be independently audited and verified."
| "software-developer-verified-description": "The software developer has verified their identity, which makes the app more likely to be safe", |
This one is slightly inaccurate (no one has verified their identity, verifying identity means something else) and does not match the label in the verification blue tick tooltip. And, same logic about the soft claim of safety.
- "The developer has verified their ownership of $appid, and it may be maintained by the developer.", or
- "The developer has verified their ownership of $appid"
| "community-built": "Community built", |
Same here and also it does not match what the special and proprietary labels say. Those two are specifically about the licence, while this isn't.
It should just be:
- "Free and open source", or
- “Open source”
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels