diff --git a/README.md b/README.md index 2f1047e3..faa1a134 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ Our work is organized into several discrete-yet-related projects that help us ac | Effort | Description | Git Repo | Slack Channel | Mailing List | | ------------------ | ------------------------ | ------------------- | ----------- | ---------- | -| Best Practices Guides | Longer reference documents on implementing specific secure techniques | - [Compiler Annotations for C and C++ (incubating)](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Annotations-for-C-and-C++.html),

- [Compiler Options Hardening Guide for C and C++](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++),

- [Existing Guidelines for Developing and Distributing Secure Software](https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Existing%20Guidelines%20for%20Developing%20and%20Distributing%20Secure%20Software.md),

- [Package Manager Best Practices (incubating)](https://github.com/ossf/package-manager-best-practices),

- [npm Best Practices Guide](https://github.com/ossf/package-manager-best-practices/blob/main/published/npm.md),

- [Source Code Management Platform Configuration Best Practices](docs/SCM-BestPractices/README.md),

- [Cyber Resilience Act (CRA) Brief Guide for Open Source Software (OSS) Developers](https://best.openssf.org/CRA-Brief-Guide-for-OSS-Developers).

- [Secure Coding Guide for Python](https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/Secure-Coding-Guide-for-Python), | - [#wg-best-practices-compilers](https://openssf.slack.com/archives/C07LH7RH8MT),

- [#wg-best-practices-scm](https://openssf.slack.com/archives/C058EC1EZ5Y) | | +| Best Practices Guides | Longer reference documents on implementing specific secure techniques | - [Compiler Annotations for C and C++ (incubating)](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Annotations-for-C-and-C++.html),

- [Compiler Options Hardening Guide for C and C++](https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++),

- [Existing Guidelines for Developing and Distributing Secure Software](https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Existing%20Guidelines%20for%20Developing%20and%20Distributing%20Secure%20Software.md),

- [Package Manager Best Practices (incubating)](https://github.com/ossf/package-manager-best-practices),

- [npm Best Practices Guide](https://github.com/ossf/package-manager-best-practices/blob/main/published/npm.md),

- [Source Code Management Platform Configuration Best Practices](docs/SCM-BestPractices/README.md),

- [Cyber Resilience Act (CRA) Brief Guide for Open Source Software (OSS) Developers](https://best.openssf.org/CRA-Brief-Guide-for-OSS-Developers).

- [Secure Coding Guide for Python](https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/Secure-Coding-Guide-for-Python),

- [Security Focused Guide for AI Code Assistant Instructions](https://best.openssf.org/Security-Focused-Guide-for-AI-Code-Assistant-Instructions),

| - [#wg-best-practices-compilers](https://openssf.slack.com/archives/C07LH7RH8MT),

- [#wg-best-practices-scm](https://openssf.slack.com/archives/C058EC1EZ5Y) | | | Concise Guides SIGs | Quick Guidance around Open Source Software Development Good Practices | - [Concise Guide for Developing More Secure Software](https://best.openssf.org/Concise-Guide-for-Developing-More-Secure-Software),

- [Concise Guide for Evaluating Open Source Software](https://best.openssf.org/Concise-Guide-for-Evaluating-Open-Source-Software) | | [Mailing List](https://lists.openssf.org/g/openssf-wg-best-practices) | | Education SIG - (incubating) | To provide industry standard secure software development training materials that will educate learners of all levels and backgrounds on how to create, compose, deploy, and maintain software securely using best practices in cyber and application security. | [EDU.SIG](https://github.com/ossf/education/) (course links are there) | [stream-01-security-education](https://openssf.slack.com/archives/C03FW3YGXH9) | [Mailing List](https://lists.openssf.org/g/openssf-sig-education) | |[OpenSSF Best Practices Badge - formerly CII Best Practices badge](https://www.bestpractices.dev/) | Identifies FLOSS best practices & implements a badging system for those practices, | [best-practices-badge](https://github.com/coreinfrastructure/best-practices-badge) | | | diff --git a/docs/index.md b/docs/index.md index 85073612..8b7fe766 100644 --- a/docs/index.md +++ b/docs/index.md @@ -15,6 +15,7 @@ This is a list of materials (documents, services, and so on) released by the * [Simplifying Software Component Updates](https://best.openssf.org/Simplifying-Software-Component-Updates) * [The Memory Safety Continuum](https://memorysafety.openssf.org/memory-safety-continuum) * [Cyber Resilience Act (CRA) Brief Guide for Open Source Software (OSS) Developers](https://best.openssf.org/CRA-Brief-Guide-for-OSS-Developers) +* [Security Focused Guide for AI Code Assistant Instructions](https://best.openssf.org/Security-Focused-Guide-for-AI-Code-Assistant-Instructions) Note: You can also see the larger list of [Guides released by the OpenSSF](https://openssf.org/resources/guides/). @@ -38,7 +39,6 @@ guidance about memory safety through our memory safety SIG, and so on. Examples of ongoing work include: * [Secure Coding One Stop Shop for Python](Secure-Coding-Guide-for-Python/readme.md) -* [Security Focused Guide for AI Code Assistant Instructions](https://best.openssf.org/Security-Focused-Guide-for-AI-Code-Assistant-Instructions) * [Compiler Annotations for C and C++](Compiler-Hardening-Guides/Compiler-Annotations-for-C-and-C++.md) We typically use the [Simplest Possible Process (SPP)](https://best.openssf.org/spp/Simplest-Possible-Process) to publish our results on the web.