- Jason Lucas
- Scott Bauer
- Corey Endle
Stepping through the Jan doc Jan 11, 2018
|What are current assets
Identify and prioritize areas where we need technical writing
Should be part of Inventory. Not in scope for future services planning.
Might be leveraged to create RDF import to triplestore. Joann Wong administers server?
Used differently in different documents. Clarify that we mean electronic data services (better description?)
GitHub crawl report highlights issue - how do we rapidly respond to security issues.
Requires investigation of possibilities and risks each time.
Architecture issue? Microservices might help compartmentalize risk and effort.
Spring version interdependence requires wide updates - for LexEVS RMI.
EVSRestAPI uses Spring boot and it handles versioning of Spring dependencies.
Options: deploying a jar with embedded container is attractive, but raises security issues. Systems uses containers fronted by Apache.
Current issue with spring - Kumar setting up meeting? Updating Spring would force RMI users to update jars. Need to notify stakeholders. Does this matter to security? Is NHS getting these reports and holding us accountable, or is this a CBIIT local issue? How important does CBIIT consider this to be? Who is in charge of this now that Phil Hartman is gone?
Is AppScan testing Rest APIs appropriately?
|What are our options for cloud. Even if we aren't ready to start planning, we should know what is available. FNL same as NCI cloud?
- Tracy to contact Kumar about Spring update