search

softwaresaved / fuji

FAIRsFAIR Research Data Object Assessment Service
MIT License
0 stars 1 forks source link

[Feature]: [FRSM-09] Is the software developed in a code repository / forge that uses standard communications protocols? #10

Open karacolada opened 7 months ago

karacolada commented 7 months ago

D5.2 p17+p27

Detailed Description

Software source code repositories / forges (a.k.a. version control platforms) should use standard communications protocols (such as https / sftp) to enable the widest possible set of contributors.

Domain-agnostic comments

Frameworks such as the Internet Protocol suite and Open Systems Interconnection model define different abstraction layers for networked communication. Several bodies, such as the IETF and ISO define standardised communications protocols utilised at each layer. In general, most widely used code repositories / forges use common standardised communications protocols such as https or sftp. In normal use, this test will be implemented by checking that the repository / forge can be accessed using one of these protocols. Using a software forge that is properly indexed by search engines will help with other aspects of findability.

CESSDA comments

Development of CESSDA tools and services is carried out using CESSDA-owned git-repositories on Github. If the code is developed publicly elsewhere, mirroring with clear pointers to the upstream are used (see docs.

Context

A1: Software is retrievable by its identifier using a standardised communications protocol. A1.1: The protocol is open, free, and universally implementable. A1.2: The protocol allows for an authentication and authorization procedure, where necessary. R3: Software meets domain-relevant community standards.

Possible Implementation

domain-agnostic
requirements Software source code identifier
method Check if the identifier for the code repository / forge can be accessed using standardised communications protocols such as https or sftp.
essential The code repository / forge can be accessed using the identifier via a standardised protocol.
important If authentication or authorisation are required, these are supported by the communication protocols and the repository / forge.
useful n/a

CESSDA
requirements Software source code identifier
method Check that the git repository of the component is accessible using standardised communications protocols such as https or sftp.
essential Ensure that repositories containing component software are publicly accessible.
important No authentication is required to view and/or clone CESSDA’s public repositories, even so, their contents cannot be modified directly by 3rd parties.
useful Pull requests are used to propose modifications to the contents.
karacolada commented 1 month ago

Extend standardised protocol for data evaluator: https://github.com/softwaresaved/fuji/blob/1778e730c80852f691e135a1b288bc2796914c46/fuji_server/evaluators/fair_evaluator_standardised_protocol_data.py#L12