Skip to content

v0.1.0: Open Source Readiness

Choose a tag to compare

View all tags
@ArangoGutierrez ArangoGutierrez released this 08 Apr 15:53
· 61 commits to main since this release
v0.1.0
This tag was signed with the committer’s verified signature.
ArangoGutierrez Carlos Eduardo Arango Gutierrez
SSH Key Fingerprint: ar1tugvZkGrVYLjTPW4rkCGBkv7y9I8i2qkdWMLbTtw
Verified
Learn about vigilant mode.
317f283
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlights

  • Community docs: SECURITY.md, CODE_OF_CONDUCT.md, GOVERNANCE.md, CONTRIBUTING.md, CHANGELOG.md
  • GitHub templates: CODEOWNERS, issue templates, PR template
  • CI hardening: SHA-pinned actions, top-level permissions, OpenSSF Scorecard workflow
  • Supply chain: cosign keyless signing, SPDX SBOM attestation
  • REUSE/SPDX compliance via REUSE.toml
  • Fuzz testing for YAML config parser
  • Multi-platform container image: linux/amd64 + linux/arm64
  • nvidia-smi on both amd64 and arm64

Container Image

ghcr.io/nvidia/nvml-mock:0.1.0

Signed with Sigstore cosign (keyless, GitHub OIDC).
SBOM attestation attached via cosign attest.

Targets

  • OpenSSF Scorecard: ~8/10
  • CNCF Sandbox eligibility: met
Assets 2
Loading