Software quality of the project

[nafieshehu]

Can someone from the team have a look on these questions? Would really help the community get a better understanding of the way CityZen is structured as a project.

• is our community highly prioritizing producing secure software?
• Do we have what is considered a well-documented channel to report security issues, along with a documented response process?
• do we prioritize backward compatibility, documentation of any incompatible changes, tools and documentation to help users transition to new release features?
• Is our project striving for timely response to bug reports?
• does our project include unit and integration test suites of sufficient coverage? Is coverage documented?
• Do we include enough documentation for anyone to test or deploy any of the software?
• Do we include documentation for a software developer of moderate skill to set up their development environment to contribute?
• we document how we integrate with OpenStreetMap and other projects (Mapbox in the future?)
• is a Continuous Integration pipeline is used for testing and deployment purposes?

[Lee-Carre]

• The Joel [Spolsky] Test: 12 Steps to Better Code
• David Wheeler's Secure Programming for Linux and Unix HOWTO — Creating Secure Software
• Eric Raymond's The Art of Unix Programming

While code quality is important, usability (and user-experience) is also important for quality software.