14.6 planning - Composition Analysis (November-December)
Helpful Links 🔗
Click to expand...
- How we work
- Slack channel: #g_secure-composition-analysis
- Bug Board
- Performance Indicators
-
Planning Board for checking Deliverable/
Stretch/"Next Patch Release" - Dev workflow Board for checking workflowscheduling and workflowready for development
- Backend Board
- SCA Categories Board
- All Secure Issues
- All CA Issues
- All Backend CA issues
- All Frontend CA issues
- CA priorities for the year 2021
- CA priorities for the year 2022
Context
Capacity variations
This includes planned OOO, internships, conferences and other initiatives outside of groupcomposition analysis.
-
backend => 75%
- Fabien: 50% (reaction rotation)
- Igor: 50% (finish with Manage Import + PTO)
- Tetiana: 100%
- Adam: 100%
-
frontend
Items slipping from the previous release
This is a rough list of the items that may have a significant impact on that release (no need to be an exhaustive list).
...
Product Goals in priority order
Q4 - auto remediation, display dependency path mvc, start on LF replacement research and SBOM step 1
Always
| Feature | Links | Notes |
|---|---|---|
| Reaction rotation | triage incoming bugs, security, customers, community contributions. use timeboxing. | |
| infradev | must do within SLO | |
| security | must do within SLO, start with P1, if none move to P2, if none move to P3. P3 can miss SLO for now | |
| bugs | filled in as we have space | |
| upkeep tools | update and scan our tools as updates are available | high priority - update tools if applicable and desired (we have intentionally decided against some specific updates) |
TOP SPOTS
| Feature | Links | Notes |
|---|---|---|
| EPIC: Auto-Remediation: auto-create merge request | BLOCKED | BLOCKED |
| EPIC: Show paths to dependencies MVC | Show Path MVC prep | |
| EPIC:SBOM to viable | Create plan for ISBOM rollout | |
| EPIC: Engineering Research: How do we advance alternate license scanning | Update the Criteria for replacing License Finder | |
| Help Matt | link | We want them to be able to make progress so we can get the better sorting and grouping and pagination and filters and they are getting bogged with surprise work on the perf stuff |
Stretch
| Feature | Links | Notes |
|---|---|---|
|
|
Unification of backend for CE & EE | high priority - partner with frontend |
| 15.0 Deprecations and Removals - SCA | ||
| OKR-Personal Growth project | please try to put some time against this | |
| OKR-hiring | please prioritize this is you are tapped to help | |
| OKR-psychological safety training | here and here | try to make some time for this |
| OKR-UX | TBD | TBD |
| OKR-QA | TBD | TBD |
| OKR-error budget | TBD | TBD |
Please work the above in order. If something of a higher category comes in you can feel free to swap it for a lower item (cc Nicole and Oliver). If it does not fall into one of the above and you think it can wait please place in %Backlog - if you feel it should be strongly considered for an upcoming release please place in %Next 1-3 releases
Feel free to use the following message Product has determined that our current priority is related to finishing off two of our longstanding projects (automatic remediation mr creation by bot and show dependency paths) and starting on our next two projects (SBOM and replacing license finder). Upvoting and commenting on issues is the best way to make sure it is considered high priority as backlog items begin to be brought back in.