From f1694aa22a3676c7de9ac7a507ec043b3af64ac8 Mon Sep 17 00:00:00 2001 From: AltStack Bot Date: Mon, 2 Mar 2026 20:46:45 +0530 Subject: [PATCH] docs: add CRITERIA.md with transparent tool vetting standards Documents inclusion criteria: active maintenance, open-source license, self-hostability, functional replacement, and community traction. Also documents Docker config testing standards. --- CRITERIA.md | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 2 +- 2 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 CRITERIA.md diff --git a/CRITERIA.md b/CRITERIA.md new file mode 100644 index 0000000..d9d611c --- /dev/null +++ b/CRITERIA.md @@ -0,0 +1,56 @@ +# Tool Vetting Criteria + +Every tool listed on The AltStack is manually reviewed against the criteria below before inclusion. This document exists for transparency — if a tool doesn't meet these standards, it won't be listed regardless of popularity. + +## Inclusion Criteria + +### 1. Active Maintenance +- Repository must have commits within the last 6 months +- Open issues should show maintainer engagement (not abandoned) +- Projects with a single commit or no release tags are excluded + +### 2. Open Source License +- Must use a recognized open-source license (MIT, Apache 2.0, GPL, AGPL, MPL, BSD, etc.) +- "Source available" with restrictive licenses are listed but clearly marked +- Proprietary tools are only listed as the "replaced by" reference, never as alternatives + +### 3. Self-Hostability +- Must be deployable on user-owned infrastructure +- Docker support is strongly preferred but not mandatory +- Clear installation documentation must exist +- Tools that require phoning home to a vendor service are flagged + +### 4. Functional Replacement +- Must genuinely replace or substitute the proprietary tool it's listed against +- We test core workflows, not just feature checkbox parity +- A tool listed as a "Slack alternative" must actually handle team messaging, not just have a chat widget + +### 5. Minimum Community Traction +- Not a hard star count threshold, but the project should show real-world usage +- Evidence includes: GitHub stars, active Discord/forum, third-party blog posts, or package download counts +- Solo hobby projects with no users are excluded + +## Docker Deployment Configs + +The 56+ tools with Docker Compose configurations have additional requirements: + +- Config must produce a working deployment (we test every config) +- Environment variables for secrets must use placeholder values, not hardcoded defaults +- The "Generate Secure Config" feature on the site replaces placeholders with cryptographically random values +- Configs target single-server deployment (not Kubernetes) + +## What We Don't Vet + +- We don't audit source code for security vulnerabilities +- We don't benchmark performance claims +- We don't verify every feature listed on a tool's own marketing page +- We don't guarantee long-term project survival + +## Reporting Issues + +If a listed tool no longer meets these criteria (abandoned, license changed, etc.), open an issue: +https://github.com/altstackHQ/altstack-data/issues + +## Changes to This Document + +This criteria may evolve. Changes will be tracked through git history on this file. diff --git a/README.md b/README.md index b66a56c..94315ea 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Every SaaS you pay for is a piece of your sovereign control you are leasing. The mission of **AltStack** is to provide the data and deployment configurations necessary to replace the "Big Tech" stack with a **Sovereign Stack** you own. -This repository serves as the **Data HQ** for [The AltStack](https://thealtstack.com). Every tool listed here is vetted for quality, activity, and self-hostability. +This repository serves as the **Data HQ** for [The AltStack](https://thealtstack.com). Every tool listed here is vetted for quality, activity, and self-hostability. See [CRITERIA.md](CRITERIA.md) for the full vetting standards. ## 🚀 Quick Start (Mini-Stacks)