-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
23 changed files
with
370 additions
and
146 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,19 @@ | ||
= Security policy | ||
|
||
== Supported versions | ||
{product} is an open source project maintained by a community of dedicated contributors. | ||
While we strive to ensure the highest security standards, our support and maintenance are provided on a best-effort basis. | ||
|
||
The versions of the project that are supported with security updates. | ||
Here are the key points of the {product} security policy: | ||
|
||
[] | ||
|=== | ||
|Version | Supported | ||
* Supported Versions: We don't officially designate specific versions as supported or unsupported. | ||
The efforts are focused on maintaining and improving the latest release. | ||
* Issue Handling: Security fixes and updates are applied only to the latest release. | ||
Users are encouraged to upgrade to the latest version to benefit from the latest security enhancements and fixes. | ||
* Professional Support: For users with specific security needs or who require support beyond the community-driven efforts, we recommend seeking professional support. | ||
This can offer dedicated help and tailored solutions to meet your unique requirements. | ||
|2023.12 | ||
| icon:check | ||
|=== | ||
If you have specific security concerns or need more in-depth support, please consider professional services that can offer comprehensive security solutions and ongoing maintenance for your {product} deployment. | ||
|
||
== Reporting a vulnerability | ||
|
||
You can report a vulnerability by contacting us via our xref:user-manual:support.adoc[support] page. | ||
You can report a vulnerability by contacting us through the xref:user-manual:support.adoc[support] page. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
= Customization and extensions | ||
|
||
{product} is extendable, making use of an open source low-code platform called {sw}. | ||
{product} is extendable, making use of an open source low-code platform called https://eclipse.dev/sirius/sirius-web.html{sw}. | ||
The platform enables the contribution of new specific views and the specific methodologies implementation. | ||
With {sw}, users can seamlessly extend {product}'s capability to meet their specific requirements, such as creating dedicated libraries or contributing specific metadata by adding new representations. | ||
Extensibility is a key strength of {product}, offering organizations the potential to enhance their System Engineering `SE` processes within the tool, ensuring consistency in modeling practices throughout their SE practitioners. |
31 changes: 31 additions & 0 deletions
31
doc/content/modules/installation-guide/pages/how-tos/https.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
= Configuring HTTPS for local server deployment of {product} | ||
|
||
[WARNING] | ||
==== | ||
Enabling HTTPS with a self-signed certificate is intended for testing purposes only and shouldn't be used in a production environment. | ||
Self-signed certificates don't provide the same level of security and trust as certificates issued by a trusted Certificate Authority (CA). | ||
For production deployments, obtain a valid certificate from a trusted CA to ensure secure and reliable communication. | ||
==== | ||
|
||
If you intend to install {product} on a local server or machine and allow several users to access it, you must enable HTTPS. | ||
If you don't have a certificate, you can generate one by using https://docs.oracle.com/en/java/javase/11/tools/keytool.html[keytool] for testing purposes only. | ||
|
||
. Create a self-signed certificate: | ||
+ | ||
[source, bash] | ||
---- | ||
keytool -genkeypair -alias myalias -keyalg RSA -keysize 2048 -validity 365 -keystore keystore.jks | ||
---- | ||
. Place the certificate file next to your `{product}-application` JAR file | ||
. Launch your JAR (as explained in the xref:installation-guide:how-tos/install.adoc#start-app[start the application section] with the following extra properties: | ||
+ | ||
[source, bash] | ||
---- | ||
--server.ssl.key-store=./keystore.jks \ | ||
--server.ssl.key-store-password=PASSWORD_USED_IN_STEP_1 \ | ||
--server.ssl.key-store-type=JKS \ | ||
--server.ssl.key-alias=myalias \ | ||
--server.ssl.key-password=PASSWORD_USED_IN_STEP_1 | ||
---- | ||
. Every user in your local network can now access the application at: | ||
`https://{product}_SERVER_IP:8080` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,33 @@ | ||
= {product} dev cycle | ||
= {product} development cycle | ||
|
||
{product}, as an open source project, follows a well-defined development cycle to ensure regular and structured updates. | ||
The cycle spans 8 weeks and includes three main phases: | ||
|
||
* Development (4 Weeks): | ||
* Focus: This phase is dedicated to actively working on new features, bug fixes, and enhancements. | ||
* Activities: Contributors, including community members and core developers, work together to develop new functionalities, perform code reviews, and integrate changes. | ||
Collaboration and transparency are key during this phase. | ||
* Stabilization and Feature Freeze (2 Weeks): | ||
* Focus: We enter a feature freeze period where no new features are introduced. | ||
* Activities: During this time, the focus shifts to thorough testing and stabilization of the new features. | ||
This ensures the software's quality and reliability. | ||
Any remaining issues or bugs are addressed to prepare for the release. | ||
* Cool Down and Planning (2 Weeks): | ||
* Focus: This phase involves wrapping up the current cycle and preparing for the next one. | ||
* Activities: Contributors work on upgrading dependencies, resolving minor issues, and documenting the latest changes. | ||
Additionally, the team discusses and plans the features and tasks for the next cycle, ensuring a smooth transition. | ||
The General Availability (GA) release of {product} occurs on the eighteenth week of each development cycle. | ||
== Team Organization | ||
|
||
Being an open source project, {product} thrives on community participation and collaboration. | ||
Here's how the team is organized: | ||
* Core Developers: these are the primary maintainers who oversee the project's direction, manage releases, and ensure code quality. | ||
* Contributors: this includes anyone from the community who contributes code, documentation, or ideas. | ||
Contributions are reviewed and merged by core developers. | ||
* Community: a diverse group of users, testers, and enthusiasts who provide feedback, report bugs, and propose new features. | ||
|
||
This collaborative approach allows {product} to continuously evolve while maintaining a high standard of quality and performance. | ||
If you're interested in contributing or have any questions, feel free to join the xref:user-manual:forum.adoc[community discussions] or xref:user-manual:help.adoc[contact us]. |
Oops, something went wrong.