search

oasis-tcs / csaf

OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code
https://github.com/oasis-tcs/csaf
Other
148 stars 39 forks source link

Definition of `product` #692

Open wurstbrot opened 8 months ago

wurstbrot commented 8 months ago

Hi,

the product in CSAF might only be a library. Therefore, I feel it should be named component. Which is more generic.

As product is used a lot, a renaming might not be (easily) possible. Therefore, I recommend to update the definition from

product: is any deliverable (e.g. software, hardware, specification,...) which can be referred to with a name. This applies regardless of the origin, the license model, or the mode of distribution of the deliverable.

to:

product: is any deliverable (e.g. software, software libraries, hardware, specification,...) which can be referred to with a name. This applies regardless of the origin, the license model, or the mode of distribution of the deliverable.

Depending on the definition of software, you can argue library is included, already. But to point it out would be good because I thought it is an application until digging deeper in the CSAF specification.

tschmidtb51 commented 8 months ago

@wurstbrot Thank you for your contribution.

As "a product is defined as any deliverable which can be referred to with a name", I don't think that component would be a good fit. Would you for example refer to ISO 27001 as component? To me, a component is a part - so renaming might confuse other people who then ask where to put their final products...

Nevertheless, the TC will consider you suggestion.

wurstbrot commented 8 months ago

I agree that component wouldn't match and product is sufficient.

I personally, taking your comment into account, would call it artifact (which is a bit more technical and commonly used in software development and engineering contexts).