15.2 planning - Composition Analysis (June-July)
Helpful Links 🔗
Click to expand...
- How we work
- Slack channel: #g_secure-composition-analysis
-
Planning Board for checking Deliverable/
Stretch/"Next Patch Release" - Dev workflow Board for checking workflowscheduling and workflowready for development
- Group Assignments Board
- Kickoff Board - direction and release post items
- upcoming milestones board
- [tier board - cleanup](https://gitlab.com/groups/gitlab-org/-/boards/1362488?label_name[]=group%3A%3Acomposition%20analysis]
- SCA Categories Board
- All Secure Issues
- All CA Issues
- All Backend CA issues
- All Frontend CA issues
- CA priorities for the year 2022
Context
Capacity variations
This includes planned OOO, internships, conferences and other initiatives outside of groupcomposition analysis.
-
backend => %
- Fabien: 70% - Security reaction rotation, PTO up to 3 days (TBD)
- Igor: 85% - Support reaction rotation
- Tetiana: 0% - Acting EM duties + Maintainership reaction rotation
- Adam: 100%
- Oscar: 60% - Support reaction rotation and one week PTO
-
- Fernando: 100%
Items slipping from the previous release
This is a rough list of the items that may have a significant impact on that release (no need to be an exhaustive list).
...
Product Goals in priority order
Always
| Feature | Links | Notes |
|---|---|---|
| Reaction rotation - Security | triage incoming bugs, security, customers, community contributions. use timeboxing. now must also include checking for new container OSes, tool versions, languages and package managers | |
| Reaction rotation - Maintainership | triage incoming bugs, security, customers, community contributions. use timeboxing. now must also include checking for new container OSes, tool versions, languages and package managers | |
| Reaction rotation - Support & Bugs | triage incoming bugs, security, customers, community contributions. use timeboxing. now must also include checking for new container OSes, tool versions, languages and package managers | |
| infradev | all infradev issues - this milestone | must do within SLO |
| bugvulnerability | Vulnerability Board - This Milestone | must do within SLO, start with P1, if none move to P2, if none move to P3. |
| security | Security issues - This Milestone | must do within |
| typebug | Bug Board - This Milestone | filled in as we have space |
Major Projects
| Priority | Feature | BE DRI | FE DRI |
|---|---|---|---|
| 1 | DS: All required FIPS work needs to be done prior to July 22 | @fcatteau | none |
| 2 | DS: Continuous Vulnerability Scans | @ifrenkel | none |
| 3 | LC: Replace License-Finder | @fcatteau | none |
| 4 | DS: Extract SBOM generation | @adamcohen | none |
| 5 | DS: Ignore devDependencies | @hacks4oats | none |
| 6 | LC: License MR Widget Extension | @brytannia | @farias-gl |
| 7 | OKR Migrate 12 Pajama Components | none | @farias-gl |
We should be working on FIPS as much as possible, if there is no FIPS then we can work on the others, priority order above is important.
GOALS
| Feature | Links | Notes |
|---|---|---|
| 1 test | all - this milestone | keep incrementally improving, do 1 per |
| 1 typemaintenance | all - P1 - this milestone | keep incrementally improving, do 1 per |
| 1 customer | all - this milestone | keep incrementally improving, do 1 per |
Stretch
| Feature | Links | Notes |
|---|---|---|
| frontend | issues | UX Improvements (SUS), OKRs (pajamas), Feature Flag survey cleanup, 15.0 cleanup/prep |
|
|
Unification of backend for CE & EE |
OKRs
| Feature | Links | Notes |
|---|---|---|
| Product | sec issue | See above top priority items |
| Product | SUS issues | none for CA last i looked |
| Product - Pajamas | issues and board and unassigned | If it has group::foundations on it, it can be re-assigned to your own group |
| UX | board | many labels, none of which I think we can take on right now |
| Engineering | ||
| Quality |
UX
Secure & Protect Team Planning Issues
Quality
Technical Writing
| Issue | Technical writing weight |
|---|---|
| Reorganise License Compliance documentation page (gitlab-org/gitlab#346085 - closed) | tw-weight8 |
| TOTAL | 8 |
PM Disscussions
| Feature | Links | Notes |
|---|---|---|
| 16.0 Deprecations and Removals - SCA | make progress so we can deprecate and remove |
Please work the above in order. If something of a higher category comes in you can feel free to swap it for a lower item (cc Nicole and Oliver). If it does not fall into one of the above and you think it can wait please place in %Backlog
Feel free to use the following message These are our current priorities for the [calendar year 2022](https://gitlab.com/gitlab-org/secure/general/-/issues/187). Upvoting and commenting on issues is the best way to make sure it is considered high priority as backlog items begin to be brought back in.