-
## Tell us about the problem you're trying to solve
* compare spotbugs, sonarqube, and snyk and implement them in the build for SOC2.
-
We have a number of policies, documents, checklists, etc. that we currently keep track of in a Google spreadsheet titled (and I'm not joking) the "Sheet of Sheets". It's literally a list of links to o…
-
-
April 2021 @StackStorm/tsc `1 hour` meeting will take place on Tuesday, `20th Apr 2021, 09:30 AM US Pacific`.
See #33 for more info about how to join.
# Agenda #
## Other hosting options ##
…
-
Roll out [DevX SOC2 compliance items](https://github.com/sourcegraph/sourcegraph/issues/29724) across our critical repos, in order of priority:
https://k8s.sgdev.org/users/robert/batch-changes/pr-a…
-
The release pipeline tries to make a git push with the ChangeLog after the tag is pushed; however, it should be the other way around as branch protection means that we can't have a bot push directly t…
-
Due: February 1, 2022
Sourcegraph uses a logging tool to log, continuously monitor, and retain account activity related to user actions throughout the production environment. Logs are stored encrypte…
-
Due: February 28, 2022
Failover testing is performed [frequency] to help ensure Company is prepared in the event of a scenario requiring failover.
Notes:
Managed instances -> walk through db o…
-
Due: February 15, 2022
Sourcegraph uses a website performance and availability monitoring tool to help ensure awareness of web application uptime. Uptime alerts are sent to the Security team and is…
-
Due: February 28, 2022
Sourcegraph maintains separate development, test, and production environments.