Draft: 16.5 Planning—Static Analysis
🔒 Secure, Static Analysis - Milestone Planning
This is a planning issue for devops::secure group::static analysis, which maintains:
- Category:SAST, including IaC Scanning.
- Category:Secret Detection.
- Category:Code Quality.
See the group handbook page for more about this issue and how it fits into group workflows.
In this issue:
Narrative
Priorities
Key items to deliver
This section lists items that should be ready to deliver (or at least to move forward). Many of these items should be defined as ~Deliverable items, assuming they are feasible to deliver in the milestone.
Status of this list: Finalizing with input on status of carryover work, bugs, maintenance
Initiative | Item | Why? | Area |
---|---|---|---|
Looking forward
This section lists items that are in earlier stages of planning. Refining them is an important part of this milestone because it sets us up to work on them in the following milestones. Primary areas of responsibility are listed, but everyone can contribute!
This is almost certainly more than we can take on. It's generally in priority order (most important at the top).
Initiative | Item | Why? | Area |
---|---|---|---|
Good candidate issues if time allows
Item | Why? | Area |
---|---|---|
Please suggest others or add them directly.
Learn and react
We'll engage with these initiatives, and respond within the milestone by filing issues or implementing if feasible:
TBD
Product and UX
This section includes other Product and UX context that may not fit into the Looking forward section above.
Product Manager: @connorgilbert
- Update direction pages to new format
- Engage on MR redesign efforts
- Summarize UX Heuristic review results and schedule for implementation
- Contribute to new Static Analysis JTBDs
UX Designer: PTO
- See planning issue (link: TODO)
Documentation
This section includes group inputs and the plan for Technical Writing in the milestone.
Technical Writing stable counterpart: @rdickenson
Input on group priorities
Initial thoughts below
From a group::static analysis perspective, the following would likely improve customer outcomes:
Anticipated release posts and documentation include:
- Monthly analyzer updates
Planned new content
TBD
Planned maintenance
Quality
This section includes group inputs and the plan for Quality in the milestone.
Input on group priorities
Team members have been working to identify changes to our rule and analyzer testing. These efforts should inform our proactive Quality efforts this milestone.
Quality plan
Pending