|
8 | 8 | # streamline automation in the event that other
|
9 | 9 | # words or phrases should link to the term.
|
10 | 10 | #
|
| 11 | +- term: Administrator |
| 12 | + definition: | |
| 13 | + Any human who can modify settings on the target resource. |
11 | 14 | - term: Arbitrary Code
|
12 | 15 | definition: |
|
13 | 16 | Code provided by an external source that is
|
|
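Review bot: "the target resource" in the Administrator definition (new line 13) is never defined in the visible lexicon, so the scope of the term is left to the reader. Name the resource meant, for example the repository, or add an entry for "resource". The definition is also restricted to "Any human", while the new Collaborator entry speaks of "any entity" whose permissions are "issued by administrators"; say explicitly whether a non-human account that can change settings is excluded on purpose.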
50 | 53 | checks.
|
51 | 54 | synonyms:
|
52 | 55 | - Build and Release Pipelines
|
| 56 | +- term: Code |
| 57 | + definition: | |
| 58 | + A set of deterministic instructions that a |
| 59 | + computer can execute to perform specific tasks. |
53 | 60 | - term: Change
|
54 | 61 | definition: |
|
55 | 62 | Any alteration of the project's codebase,
|
|
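Review bot: "deterministic" in the Code definition (new line 58) narrows the term without a stated reason; instructions that draw on randomness or timing are still code, and nothing else in the visible entries depends on determinism. Consider "A set of instructions that a computer can execute to perform specific tasks." and, if the qualifier is intentional, add a sentence explaining what it is meant to exclude.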
83 | 90 | - CLA
|
84 | 91 | - term: Contributor
|
85 | 92 | definition: |
|
86 |
| - Entities who commit code or documentation to |
87 |
| - the project. This includes both human |
88 |
| - and non-human actors and makes no distinctions |
89 |
| - based on their role within the project. |
90 |
| -
|
91 |
| - In the context of the Open Source Project |
92 |
| - Security Baseline, code contributors does not |
93 |
| - address non-code contributions such as |
94 |
| - designing, triaging, reviewing, or testing. |
95 |
| -- term: Codebase |
96 |
| - definition: | |
97 |
| - The collection of source code and related |
98 |
| - assets that make up the project. The codebase |
99 |
| - includes all files necessary to build and |
100 |
| - test the software. Lives in the repository, |
101 |
| - sometimes alongside documentation and CI/CD |
102 |
| - pipelines. The contents of the codebase are |
103 |
| - the primary deliverable in a release. |
| 93 | + Any entity that has made a change to the contents of a repository. |
104 | 94 | - term: Collaborator
|
105 | 95 | definition: |
|
106 |
| - A human or non-human entity with permissions to |
107 |
| - approve changes or manage the repository settings. |
108 |
| - Collaborators may have varying permission levels based on |
109 |
| - their role in the project. This does not |
110 |
| - include contributors whose changes only |
111 |
| - originate through a request from a repository |
112 |
| - fork. |
| 96 | + Any entity who has any level of permissions issued by administrators |
| 97 | + of the repository. |
113 | 98 | - term: Commit
|
114 | 99 | definition: |
|
115 | 100 | A record of a single change submitted to the
|
|
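Review bot: the Codebase entry is deleted here (old lines 95 to 103), but the Change definition still reads "Any alteration of the project's codebase," at new line 62, so that entry now depends on a term the lexicon no longer defines. Keep a short Codebase entry or reword Change in the same commit. In the new Collaborator text, "any level of permissions" does not say whether read-only access counts, and the old exclusion for contributors whose changes arrive through a fork is gone without a replacement; stating a minimum permission level would make the term checkable. "Any entity who" should read "Any entity that", matching the new Contributor wording.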
213 | 198 | event of violations.
|
214 | 199 | synonyms:
|
215 | 200 | - Known Vulnerability
|
| 201 | +- term: Maintainer |
| 202 | + definition: | |
| 203 | + A human collaborator who is able to authorize |
| 204 | + changes to the contents of a repository. |
216 | 205 | - term: Multi-factor Authentication
|
217 | 206 | definition: |
|
218 | 207 | An authentication method that requires two or
|
|
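Review bot: "able to authorize changes" in the Maintainer definition (new lines 203 to 204) does not say which action is meant; approving a proposed change and merging it can be separate permissions, and the removed Collaborator text used "approve changes" for the former. Pick one verb and use it consistently. The entry also leaves the relationship to the new Administrator term open: state whether an administrator is a maintainer by definition or only when they also hold that ability.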
305 | 294 | - P-SSCRM
|
306 | 295 | references:
|
307 | 296 | - https://arxiv.org/pdf/2404.12300
|
| 297 | +- term: Project |
| 298 | + definition: | |
| 299 | + A group of people and resources that coordinate to |
| 300 | + produce a release. |
308 | 301 | - term: Project Documentation
|
309 | 302 | definition: |
|
310 | 303 | Written materials related to the project,
|
|
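Review bot: in the Project definition (new lines 299 to 300), "people and resources that coordinate" makes the resources a subject of "coordinate", and "to produce a release" reads as a single release. Something like "A group of people who coordinate, together with the resources they use, to produce releases." avoids both. Since the Release entry defines the word as both verb and noun, it would also help to say here that the noun sense is intended.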
355 | 348 | - Provenance
|
356 | 349 | - term: Release
|
357 | 350 | definition: |
|
358 |
| - - _(verb)_ The process of making a version |
359 |
| - controlled bundle of assets available to |
360 |
| - users, such as through a package registry. |
361 |
| - - _(noun)_ A version-controlled bundle of |
362 |
| - code, documentation, and other assets made |
363 |
| - available to users. A release often includes |
364 |
| - release notes that describe the changes. |
| 351 | + - _(verb)_ The process of making a |
| 352 | + version-controlled bundle of assets available |
| 353 | + to users, such as through a package registry. |
| 354 | + - _(noun)_ A version-controlled bundle of |
| 355 | + assets made available to users. |
365 | 356 | - term: Released Software Asset
|
366 | 357 | definition: |
|
367 | 358 | Deliverables provided to users as part of a
|
368 | 359 | release. These assets can include binaries,
|
369 | 360 | libraries, or containers.
|
370 | 361 | - term: Repository
|
371 | 362 | definition: |
|
372 |
| - A storage location managed by a version |
373 |
| - control system where the project's code, |
374 |
| - documentation, and other resources are |
375 |
| - stored. It tracks changes, manages |
376 |
| - collaborator permissions, and includes |
377 |
| - configuration options such as branch |
378 |
| - protection and access controls. |
| 363 | + A storage location managed by a version control |
| 364 | + system where the project's code, documentation, |
| 365 | + and other resources are stored. |
379 | 366 | synonyms:
|
380 | 367 | - Repo
|
381 | 368 | - Repositories
|
|
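Review bot: the noun sense of Release (new lines 354 to 355) is now "A version-controlled bundle of assets", while the next entry defines Released Software Asset as "Deliverables provided to users as part of a release", so the two entries define each other and "assets" has no independent meaning once "code, documentation, and other" is removed. Keep a brief enumeration in one of the two entries. For Repository (new lines 363 to 365), the dropped wording about branch protection and access controls does not reappear in concrete form anywhere in the visible lines; if other text relies on the repository having configurable protections, keep that mention here.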
477 | 464 | - Person
|
478 | 465 | - term: Version Control System
|
479 | 466 | definition: |
|
480 |
| - A tool that tracks changes to files over time |
481 |
| - and facilitates collaboration among |
482 |
| - contributors. Examples of version control |
483 |
| - systems include Git, Subversion, and |
484 |
| - Mercurial. |
| 467 | + A tool that facilitates collaboration among |
| 468 | + contributors by tracking changes, managing |
| 469 | + collaborator permissions, and providing configuration |
| 470 | + options. Examples of version control systems include |
| 471 | + Git, Subversion, and Mercurial. |
485 | 472 | synonyms:
|
486 | 473 | - VCS
|
487 | 474 | - term: Vulnerability Reporting
|
|
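Review bot: "managing collaborator permissions, and providing configuration options" (new lines 468 to 470) attributes to the version control system what the removed Repository text attributed to the repository, yet the examples kept on new line 471 are the tools themselves (Git, Subversion, Mercurial). For Git in particular, permission management is normally supplied by the hosting service rather than by the tool, so the definition and its examples no longer line up. Either add an entry for the hosting platform and move the permissions and configuration language there, or adjust the examples. "providing configuration options" is also vaguer than the old "such as branch protection and access controls"; keep the concrete examples.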