David A. Wheeler

We've completed the final draft, so I'm closing this issue. Once we release this guide, we'll close this related issue on releasing it: https://github.com/ossf/wg-best-practices-os-developers/issues/518

These are really significant performance impacts, on a relatively narrowly focused countermeasure. We definitely *should* document these options, including the performance impacts noted above. I don't think we should recommend...

Proposal - include text, but include at the end something like: “This option can have significant performance impact, while only countering a narrow type of vulnerability. Thus, we have not...

@hythloda - can you share and/or point us to OpenSSF-related CSS materials? Ideally CSS itself, if not, at least guidance docs. I think some experimentation will be necessary. Jennifer Bly...

I have a minor preference for 3, it seems the clearest.

@jennbly - please let us know when there's a final decision!

Full modification blocked until we know if we're moving off WordPress.

Not at this time. I've been waiting to hear more from Bennett.

Thanks so much! We really appreciate the feedback!

> This is a great feedback, however it does venture a bit into the "tooling" side that sits on top of SCM, rather then actually being the SCM responsibility, wouldn't...