devops-maturity
diff --git a/‎config.yaml‎
Lines changed: 4 additions & 4 deletions b/‎config.yaml‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎content/_index.md‎
Lines changed: 69 additions & 105 deletions b/‎content/_index.md‎
Lines changed: 69 additions & 105 deletions
@@ -23,8 +23,8 @@ languages:
     params:
       weight: 1
       languageName: "English"
-      title: DevOps Maturity
-      description: DevOps Maturity Specification — assess, improve, and showcase your DevOps maturity.
+      title: DevOps Maturity Specification
+      description: Assess, improve, and showcase your DevOps maturity — across teams and organizations.
       actions:
       - label: Quick Summary
         url: '#summary'
@@ -38,8 +38,8 @@ languages:
     params:
       weight: 2
       languageName: "中文"
-      title: DevOps 成熟度
-      description: DevOps 成熟度规范 - 评估、改进和展示你的 DevOps 成熟度。
+      title: DevOps 成熟度规范
+      description: 评估、改进和展示你的 DevOps 成熟度 — 跨团队和组织。
       actions:
       - label: 概述
         url: '#概述'
 
@@ -8,9 +8,11 @@ layout: single
 
 ## Summary
 
-DevOps Maturity Specification provides guidelines for DevOps best practices, aiming to enhance collaboration, automation, and efficiency across software development and operations.
+### What is the DevOps Maturity Specification?
 
-## Key Points
+The DevOps Maturity Specification is a set of guidelines and criteria designed to help organizations assess and improve their DevOps practices. It provides a structured approach to evaluate key areas such as Basics, Quality, Security, Supply Chain Security, Analysis, and Reporting. The specification is intended to align with best practices and provide a framework for continuous improvement within the DevOps community.
+
+### Key Points
 
 - **Purpose**: Help organizations and teams assess DevOps practices, align on best practices, and drive continuous improvement.
 - **Scope**: Covers key DevOps domains including build, testing, security, supply chain, analysis, and reporting.
@@ -22,32 +24,33 @@ DevOps Maturity Specification provides guidelines for DevOps best practices, aim
 
 ## Specification
 
-| **Category**       |  **Code**| **Criteria**                                               |**Req.**|
-|--------------------|----------|------------------------------------------------------------|--------|
-| Basics             | D101     | [Branch Builds](#d101-branch-builds)                       | 🟢    |
-|                    | D102     | [Pull Request Builds](#d102-pull-request-builds)           | 🟢    |
-|                    | D103     | [Clean Build Environments](#d103-clean-build-environments) | 🟡    |
-| Quality            | D201     | [Unit Testing](#d201-unit-testing)                         | 🟢    |
-|                    | D202     | [Functional Testing](#d202-functional-testing)             | 🟢    |
-|                    | D203     | [Performance Testing](#d203-performance-testing)           | 🟡    |
-|                    | D204     | [Code Coverage](#d204-code-coverage)                       | 🟡    |
-|                    | D205     | [Accessibility Testing](#d205-accessibility-testing)       | 🟡    |
-| Security           | D301     | [Security Scanning](#d301-security-scanning)               | 🟢    |
-|                    | D302     | [License Scanning](#d302-license-scanning)                 | 🟡    |
-| Supply Chain Security| D401   | [Documented Build Process](#d401-documented-build-process) | 🟢    |
-|                    | D402     | [CI/CD as Code](#d402-ci-cd-as-code)                       | 🟢    |
-|                    | D403     | [Artifact Signing](#d403-artifact-signing)                 | 🟡    |
-|                    | D404     | [Dependency Pinning](#d404-dependency-pinning)             | 🟡    |
-| Analysis           | D501     | [Static Code Analysis](#d501-static-code-analysis)         | 🟡    |
-|                    | D502     | [Dynamic Code Analysis](#d502-dynamic-code-analysis)       | 🟡    |
-|                    | D503     | [Code Linting](#d503-code-linting)                         | 🟡    |
-| Reporting          | D601     | [Notifications & Alerts](#d601-notifications--alerts)      | 🟢    |
-|                    | D602     | [Attached Reports](#d602-attached-reports)                 | 🟡    |
-
-- 🟢 Must-Have (Weight: 1)
-- 🟡 Nice-to-Have (Weight: 0.5)
-
-_Proposed a new criterion?_ Please [open an issue](https://github.com/devops-maturity/spec/issues).
+| **Category**       | **Code**[^1]| **Criteria**[^2]            |**Req.**[^3]|
+|--------------------|----------|--------------------------------|--------|
+| Basics             | D101     | Branch Builds                  | 🟢    |
+|                    | D102     | Pull Request Builds            | 🟢    |
+|                    | D103     | Clean Build Environments       | 🟡    |
+| Quality            | D201     | Unit Testing                   | 🟢    |
+|                    | D202     | Functional Testing             | 🟢    |
+|                    | D203     | Performance Testing            | 🟡    |
+|                    | D204     | Code Coverage                  | 🟡    |
+|                    | D205     | Accessibility Testing          | 🟡    |
+| Security           | D301     | Security Scanning              | 🟢    |
+|                    | D302     | License Scanning               | 🟡    |
+| Supply Chain Security| D401   | Documented Build Process       | 🟢    |
+|                    | D402     | CI/CD as Code                  | 🟢    |
+|                    | D403     | Artifact Signing               | 🟡    |
+|                    | D404     | Dependency Pinning             | 🟡    |
+| Analysis           | D501     | Static Code Analysis           | 🟡    |
+|                    | D502     | Dynamic Code Analysis          | 🟡    |
+|                    | D503     | Code Linting                   | 🟡    |
+| Reporting          | D601     | Notifications & Alerts         | 🟢    |
+|                    | D602     | Attached Reports               | 🟡    |
+
+[^1]: A criteria ID code is a unique identifier assigned to specific criteria. For more details, see the [Code Map](#code-map).
+[^2]: Detailed information on each criteria can be found in the [Criteria Details](#criteria-details) section.
+[^3]: Required Levels: 🟢 Must-Have (Weight: 1), 🟡 Nice-to-Have (Weight: 0.5).
+
+_Proposed a new criteria?_ Please [open an issue](https://github.com/devops-maturity/spec/issues).
 
 ## Badge Levels
 
@@ -82,90 +85,51 @@ Your score will generate one of the following badges:
 
 ## Criteria Details
 
-#### D101 Branch Builds
-
-Supports builds from any specific branch, not just the `main` branch.
-
-#### D102 Pull Request Builds
-
-Supports building pull requests (PRs), not limited to direct pushes to branches.
-
-#### D103 Clean Build Environments
-
-Supports building in clean environments, such as containers or virtual machines (VMs).
-
-#### D201 Unit Testing
-
-Supports unit testing, including unit or component-level tests.
-
-#### D202 Functional Testing
-
-Supports functional testing, such as integration or end-to-end (E2E) tests.
-
-#### D203 Performance Testing
-
-Supports performance testing, including load, stress, or throughput testing.
-
-#### D204 Code Coverage
-
-Supports measuring code coverage, including line, branch, or function coverage.
-
-#### D205 Accessibility Testing
-
-Supports accessibility testing for standards compliance, such as WCAG.
-
-#### D301 Security Scanning
-
-Supports security scanning, including SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing).
-
-#### D302 License Scanning
-
-Supports license scanning using tools like SPDX, FOSSology, or license-checkers.
-
-#### D401 Documented Build Process
+{{< details title="Click to expand criteria details" >}} 
+
+| **Code** | **Criteria**           | **Description**                            |
+| ------ | ------------------------ | ------------------------------------------ |
+| D101   | Branch Builds            | Supports builds from any specific branch, not just the `main` branch. |
+| D102   | Pull Request Builds      | Supports building pull requests (PRs), not limited to direct pushes to branches. |
+| D103   | Clean Build Environments | Supports building in clean environments, such as containers or VMs. |
+| D201   | Unit Testing             | Supports unit testing, including unit or component-level tests.     |
+| D202   | Functional Testing       | Supports functional testing, such as integration or end-to-end (E2E) tests. |
+| D203   | Performance Testing      | Supports performance testing, including load, stress, or throughput testing.|
+| D204   | Code Coverage            | Supports measuring code coverage, including line, branch, or function coverage.|
+| D205   | Accessibility Testing    | Supports accessibility testing for standards compliance, such as WCAG.|
+| D301   | Security Scanning        | Supports security scanning, including SAST and DAST.                  |
+| D302   | License Scanning         | Supports license scanning using tools like SPDX, FOSSology, or license-checkers.|
+| D401   | Documented Build Process | Provides a documented build process, including build steps or reproducibility.|
+| D402   | CI/CD as Code            | Supports CI/CD workflows defined as code, such as pipeline-as-code.   |
+| D403   | Artifact Signing         | Supports artifact signing to ensure authenticity and integrity.       |
+| D404   | Dependency Pinning       | Supports dependency pinning or version locking for reproducible builds. |
+| D501   | Static Code Analysis     | Supports static analysis tools like SonarQube, Polaris, or similar.   |
+| D502   | Dynamic Code Analysis    | Supports dynamic analysis, including runtime behavior analysis or fuzz testing.|
+| D503   | Code Linting             | Supports code linting using tools like ESLint, Prettier, or pre-commit hooks.|
+| D601   | Notifications & Alerts   | Supports notification systems such as email or Slack alerts.          |
+| D602   | Attached Reports         | Supports attaching detailed reports to builds, like test results or coverage.|
+
+{{< /details >}}
 
-Provides a documented build process, including build steps, manifests, or reproducibility details.
-
-#### D402 CI/CD as Code
-
-Supports CI/CD workflows defined as code, such as pipeline-as-code or infrastructure-as-code.
-
-#### D403 Artifact Signing
-
-Supports artifact signing (e.g., with PGP or GPG) to ensure authenticity and integrity.
-
-#### D404 Dependency Pinning
-
-Supports dependency pinning or version locking to ensure reproducible builds.
-
-#### D501 Static Code Analysis
-
-Supports static code analysis tools such as SonarQube, Polaris, or similar.
-
-#### D502 Dynamic Code Analysis
-
-Supports dynamic analysis, including runtime behavior analysis or fuzz testing.
-
-#### D503 Code Linting
-
-Supports code linting using tools like ESLint, Prettier, or pre-commit hooks.
-
-#### D601 Notifications & Alerts
+---
 
-Supports notification systems such as email or Slack alerts.
+## FAQ
 
-#### D602 Attached Reports
+### What is the difference between OpenSSF Best Practices and DevOps Maturity?
 
-Supports attaching detailed reports to builds, such as test results or coverage metrics.
+[OpenSSF Best Practices](https://www.bestpractices.dev/) targets open source projects across the entire software development lifecycle, while DevOps Maturity focuses specifically on DevOps practices applicable to both open source and internal enterprise projects. DevOps Maturity provides both a web UI and a CLI for automatic maturity scoring. In contrast, OpenSSF Best Practices only offers a web-based SaaS and does not support internal deployment.
 
----
+### What is the difference between DevOps Maturity Model and DevOps Maturity Specification?
 
-## FAQ
+The DevOps Maturity Model is a conceptual framework that outlines the stages of DevOps adoption and maturity, while the DevOps Maturity Specification provides a detailed, actionable set of criteria and guidelines for assessing and improving DevOps practices.
 
-### What tools can be used to calculate your score?
+### How can I contribute to the DevOps Maturity Specification?
 
-You can use [devops-maturity](https://github.com/devops-maturity/devops-maturity), which supports web UI and CLI to calculate your score automatically.
+You can contribute by proposing new criteria, features, or reporting bugs. Please [open an issue](https://github.com/devops-maturity/spec/issues) or [create a pull request](https://github.com/devops-maturity/spec/pulls) on GitHub. We welcome contributions from the community!
 
-### What is the difference between OpenSSF Best Practices and DevOps Maturity?
+### How can I use the DevOps Maturity Specification in my organization?
 
-[OpenSSF Best Practices](https://www.bestpractices.dev/) targets open source projects across the entire software development lifecycle, while DevOps Maturity focuses specifically on DevOps practices applicable to both open source and internal enterprise projects. DevOps Maturity provides both a web UI and a CLI for automatic maturity scoring. In contrast, OpenSSF Best Practices only offers a web-based SaaS and does not support internal deployment.
+You can integrate the DevOps Maturity Specification into your organization's DevOps practices by:
+- Using the criteria to assess your current DevOps maturity level.
+- Implementing the recommended criteria to improve your DevOps processes.
+- Utilizing tools like [devops-maturity](https://github.com/devops-maturity/devops-maturity) to calculate maturity scores and generate badges automatically.