-
Notifications
You must be signed in to change notification settings - Fork 9
10.19.2023 SLIM TSC Meeting
Rishi Verma edited this page Oct 23, 2023
·
6 revisions
- Meetings in November
- Leaderboard code available here: https://github.com/nasa-ammos/slim-leaderboard
- Engaging with institutional groups more
- Especially focused on GitHub security & detect-secrets
- Multiple copies of SLIM artifacts
- Example: README.md template
- Available in slim repo: https://github.com/NASA-AMMOS/slim/blob/main/docs/guides/documentation/readme/README.txt
- Available in slim-starterkit repo: https://github.com/NASA-AMMOS/slim-starterkit/blob/main/README.md
- Available in slim-python-starterkit repo: https://github.com/NASA-AMMOS/slim-starterkit-python/blob/main/README.md
- Use cases
- Using SLIM artifacts manually for GitHub, GitLab, and other software repository projects
- Using SLIM artifacts for open source or internal institutional projects
- New projects / existing projects
- Which one is canonical? How do we prevent divergence?
- @riverma Recommendation: keep GitHub.com/nasa-ammos/slim repository the canonical repository, and each time a release is made notify downstream projects that use it (i.e. GitHub.com/nasa-ammos/slim-starterkit, institutional projects, other starter kits, etc.)
- Example: README.md template
- New PRs:
- New issues:
- https://github.com/NASA-AMMOS/slim/issues/109
- https://github.com/NASA-AMMOS/slim/issues/110
- https://github.com/NASA-AMMOS/slim/issues/111
- https://github.com/NASA-AMMOS/slim/issues/113
- https://github.com/NASA-AMMOS/slim/issues/114
- https://github.com/NASA-AMMOS/slim/issues/115
- https://github.com/NASA-AMMOS/slim/issues/117
- https://github.com/NASA-AMMOS/slim/issues/115
- SLIM is an implementation of Shift Left and DevSecOps strategies (@jpl-jengelke)
- Descriptive methodology for building out secure and fully-featured development systems end-to-end
- Address testing, deployment and security concerns alongside the development process
- Proposed SCaLE 21x Presentation Topic
- Shift Left: NASA JPL's Software Lifecycle Improvement & Modernization (SLIM) Project Helps Developers Strategically Implement Best Practices
- Multiple copies of SLIM artifacts
- Feedback: keep a versioning tag that indicates the version and the "authoritative" copy
- Feedback: keep it "DRY" - have a single repository with the main copy and have other repositories use the main artifact via modules
- Question: what happens when end-user projects customize content and there's a new version?
- Potentially the dependabot method
- Notifying projects via automated tickets